Image: Western Digital
Western Digital, in case you haven’t heard, had a serious security compromise in March. How significant? The issue was so serious that the company manually shut down its My Cloud service, leaving customers without access to their distant data for more than a week. The company finally disclosed the findings of its internal investigation after 6 weeks, and they aren’t ideal.
Emails sent to Western Digital customers (via Bleeping Computer) state that the company believes hackers may have obtained a database containing customers’ names, phone numbers, mailing and billing addresses, e-mail addresses, and possibly even partial credit card numbers. However, the files containing passwords were encrypted, hashed, and “salted,” indicating that the risk to those documents was quite minimal.
While the data may have some relevance to Western Digital’s My Cloud service, it appears to be more closely associated with the company’s online store. Western Digital is temporarily shuttering its online store; normal service is expected to resume next week.
Bleeping Computer reports that the hackers released evidence of access to Western Digital’s network as recently as April 28. This was likely done to demand payment via ransom. If you have a My Drive or Western Digital store account, you should change your password immediately (and consider using a password manager, too).
Author: Michael Crider, Staff Writer
For more years than he wants to admit, Michael has been improving and customising his personal computer, which he first started using while he was a graphic artist. He likes salsa verde, sports, science fiction, and folk music, albeit not necessarily in that order.