Storage device maker Western Digital on Monday disclosed a “network security incident” involving unauthorized access to its systems.
That violate is said to have occurred on March 26, 2023, allowing an unnamed third party to gain access to “a number of enterprise systems”.
Following the discovery of the hack, Western Digital said it had begun an incident response effort and enlisted the help of cybersecurity and forensics experts to conduct an investigation.
It also said it was coordinating with law enforcement agencies on the matter, adding the investigation was in its early stages.
The company has taken some of its services offline, noting that the threat actor may have obtained “certain data from its systems” and is working to estimate the nature and extent of the data accessed.
While Western Digital did not disclose the exact services affected, it did My Cloud status page indicates that cloud, proxy, web, authentication, email, and push notification services are down.
“Western Digital is currently experiencing a service disruption affecting the following products: My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, SanDisk Ixpand Wireless Charger,” the company said in a message posted on April 2. .