Digital storage giant Western Digital confirmed that “unauthorized third parties” gained access to its systems and stole personal information belonging to customers of the company’s online store.
“This information includes the customer’s name, billing and shipping address, email address and telephone number,” the San Jose-based company said. said in a reveal last week.
“In addition, the database contains, in encrypted format, hashed and salted passwords and partial credit card numbers. We will be communicating directly with affected customers.”
The development comes just over a month after Western Digital leaked a “network security incident” on March 26, 2023, which prompted the company to discontinue its cloud service.
Further reports from TechCrunch last month revealed that the threat actor behind the attack allegedly possessed “approximately 10 terabytes of data”, and was negotiating with Western Digital for a “minimum 8 figure” ransom to avoid information leaks.
While the identity of the extortionist was unknown at the time, the ALPHV (aka BlackCat) ransomware actor. since taking credit over the theft, issued an ultimatum on April 18, 2023, to make payment or risk releasing “important documents” and “invaluable artifacts”.
The actors have also published various screenshots on their dark web portal, showing what appear to be video calls, emails and documents related to Western Digital’s incident response efforts in an attempt to demonstrate continued access to the company’s systems even after the hack was revealed. .
Western Digital said it was aware of the publication of “other Western Digital alleged information”, that it was “investigating the validity of this data”, and had “control over our digital certificate infrastructure”.
It has also taken steps to take its online store offline, which it says is expected to be restored by the week of May 15, 2023. Access to the My Cloud service was restored on April 13, 2023.