The cybercriminals who hit storage maker Western Digital Corp. in a network breach earlier this month have returned to demand ransom for stolen data, which includes customer information
The hackers have claimed the theft of more than 10 terabytes of data and are seeking “a minimum 8 figures” not to leak sensitive information.
Western Digital disclosed that it fell victim to a “network security incident” on April 3 in which threat actors gained entry to its internal network. At the time, the company did not reveal what systems were affected or what data might have been struck except to say, “the company believes the unauthorized party obtained certain data from its systems.”
The attack led to a service outage that affected numerous parts of Western Digital’s consumer-facing cloud services for storage devices including My Cloud, My Cloud Home which locked them out of their data and in some cases devices. Those services are now restored. Western Digital has yet to give any details from its investigation as to what systems or data were affected by the intrusion.
One of the hackers claiming to have hit Western Digital’s systems spoke with TechCrunch on Thursday and claimed to have stolen more than 10 terabytes of data from the company. The hacker also shared a file with the news site, which was signed with a security certificate associated with the company that was authenticated.
To further prove that they had infiltrated the company’s systems, the hacker also provided a series of phone numbers that included two that belonged to Western Digital executives and screenshots of a group call that included the company’s chief information security officer.
According to TechCrunch, the hackers say they’ve attempted to contact Western Digital in order to offer the ransom, but the company has not listened. “I want to give them a chance to pay but our callers […] they have called them many times. They don’t answer and if they do they listen and hang up,” the hackers said.
The hackers did not reveal what kind of customer data was stolen or how they broke into the network. Equally baffling is that they did not give a name for their group, instead saying that they do not go by any name.
If Western Digital fails to respond to their demands, the hackers said, that the group will begin publishing the leaked data on the website of the ransomware group Alphv, also known as BlackCat.
Image: TheDigitalArtist/Pixabay
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.
Source link
