In case you missed it, in the past couple of weeks Western Digital was facing a major cybersecurity issue that brought down its My Cloud service. The hackers behind it have now surfaced, claiming to have 10TB of data stolen from Western Digital which includes customer information. They’re now asking for a ransom of at least 8-figures if Western Digital doesn’t want the stolen data made public.
In a new report by Tech Crunch, the hackers have apparently gotten in touch with the publication to prove that they had the data with them. They shared with Tech Crunch a file that had been digitally signed using a Western Digital code-signing certificate. This seems to imply that the hackers can now impersonate Western Digital by forging their digital signature. Tech Crunch added that they had two security researchers analyse the file, and they found that the signature really is Western Digital’s certificate.
On top of that, the hackers also managed to get the personal phone numbers of several Western Digital executives. Tech Crunch called these numbers up and most of them did ring, with two of them going to voicemail which then mentions the name of the person the hacker said they belonged to. The hackers added that they had stolen data from Western Digital’s back end interface that manages their eCommerce data too, together with internal emails and files stored in a PrivateArk instance.
The hackers claim that their only goal in this data breach was to make money. They say that they’ve been trying to contact Western Digital numerous times since the hack, emailing executives on their personal emails too. They’re demanding a one-time payment, according to Tech Crunch, and state that they’ll leave Western Digital alone after that. Western Digital was apparently chosen randomly by the hackers, who declined to name themselves.
However, they added that if Western Digital won’t respond to their demands they’ll publish stolen data on the website of the Alphv gang, though they aren’t directly affiliated with Alphv. Western Digital spokesperson Charlie Smalling declined to comment on any of the claims made by the hacker, including the amount of data stolen or if customer data is included.
Western Digital’s troubles originally began at the start of the month, with the company revealing that they had suffered a network security incident on 3 April. They found that the hackers had exfiltrated data from their systems, leading to their services being down for nearly two weeks, before finally going back online earlier this week.