Tech Gadget Central Latest Tech News and Reviews
Western Digital informed customers that their data was stolen on Friday, a month after it disclosed a data breach.
On March 26, the company detected “a network security incident” where hackers “gained access to a number of the Company’s systems,” according to a press release.
“The Company proactively disconnected our systems and services from the public Internet to secure our business operations. “Most of our impacted systems and services are now operational,” the company wrote.
Western Digital confirmed with “outside forensic experts” that hackers “obtained a copy of a Western Digital database used for our online store that contained some personal information of our online store customers.”
The stolen data included “customer names, billing and shipping addresses, email addresses and telephone numbers” and “passwords and partial credit card numbers” that were encrypted, hashed, and salted to hide the original plaintext data and make it harder for hackers to see the real passwords and partial credit card numbers.
The company also notified hack victims. Received a Western Digital message from a customer that matches other articles.
The email informed customers “about a network security incident involving your Western Digital online store account.”
The company advised victims to be “cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information,” avoid clicking on links or downloading attachments “from suspicious emails,” and check whether their email accounts have spam settings to detect and block “suspicious emails.”
Western Digital spokesperson Charlie Smalling referred to the Friday update when asked how many customers were affected.
Western Digital announced a data breach on April 3, without specifying what data was stolen. A hacker told that the stolen data was 10 terabytes and included customer data.
The hackers tried to extort the company by promising not to publish the stolen data.
“We breached your company. According to copy of the hackers’ email, “Perhaps your attention is needed.” “We will retaliate.”
Western Digital ignored these requests, as the hackers published some of the stolen data on Alphv’s website. On April 28, the hackers promised to “share leaks every week until we lose interest” in “code signing certificates, firmware, personally identifiable information of customers, and more.”
Hackers may not have released all the stolen data.
