Skip to main content
close search
site logo

Western Digital confirms customer data accessed by hackers in attack

The company has begun notifying customers about stolen data and expects to restore its online store next week.

Published May 8, 2023
David Jones's headshot
Reporter
Western Digital and Wired host "A Data-Driven Future: The Future of Mobility and Transportation in 2039."
Western Digital and Wired host "A Data-Driven Future: The Future of Mobility and Transportation in 2039." Ian Tuttle via Getty Images

Western Digital confirmed that hackers gained access to customer information after stealing a database used for its online store, the company said Friday in a filing with the Securities and Exchange Commission

Western Digital discovered the theft after working with forensic experts to investigate an attack that took place in late March and was publicly disclosed April 2.

The stolen customer data includes names, billing and shipping addresses, email addresses, telephone numbers and encrypted data, including hashed and salted passwords, and partial credit card numbers. 

Western Digital planned to directly notify customers, however some customers have already posted copies of email notifications over the weekend. 

After initially disconnecting its systems and services from the public internet, Western Digital is making progress in recovering services. A majority of its operations are back up and running.

Western Digital factories have been operational throughout the process and the company is shipping products to meet its customers needs, the company said. Its My Cloud service was restored in mid-April, and the Western Digital online store is expected to be restored the week of May 15.

The company acknowledged that other alleged Western Digital information has been made public. Numerous reports say the ransomware group Alphv/BlackCat has taken credit for the incident and has been leaking files it claims belong to Western Digital. The group threatened to leak stolen data if Western Digital failed to pay an eight figure ransom demand, according to a TechCrunch report.

Western Digital did not publicly acknowledge the threat group’s claims, however it said it is investigating the validity of the data. Western Digital did confirm last month that it notified law enforcement.

A spokesperson for the FBI in mid-April confirmed that it was aware of the Western Digital incident, but said it would have no further comment as the incident was ongoing. A Moody’s analyst in early April called the attack potentially credit negative, as the company was already facing intense competitive and economic pressure, including reduced IT spending linked to the economy and pricing pressure.

Western Digital said it still has control over its digital certificate infrastructure, however said it has the ability to revoke certificates as needed. 

The company, in the Friday disclosure, disclosed the digital certificate capability in response to reports of the potential to fraudulently use digital signing technology through its consumer products. 

Editors' picks

Company Announcements

View all | Post a press release
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
Torus Unveils Integrated Energy Storage and AI-Driven Cybersecurity Solutions
From Torus
October 24, 2024
DigiCert Welcomes Lakshmi Hanspal as New Chief Trust Officer
From DigiCert
October 24, 2024
Mystic Valley Elder Services Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Editors' picks
Latest in Breaches
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell