We select and review products independently. When you purchase through our links we may earn a commission. Learn more.

Hackers Publicly Extort Western Digital With Stolen Data

Western Digital signage on a building
Valeriya Zankovych

Western Digital has been embroiled in a high-tech hostage crisis for over a month since hackers stole terabytes of sensitive information from the company. Now, the group known as ALPHV ransomware (aka BlackCat) has leaked some data to extract money from the company, BleepingComputer reports.

The initial breach occurred on March 26th, when the hackers were able to infiltrate WD’s internal network. The company disclosed the incident in a terse statement on April 3rd and described the attack as a “Network Security Incident.” Few details were given about the attack, but the company stated it was responding with proactive measures that included taking its cloud storage systems offline. Services to My Cloud Home were restored about two weeks later.

However, the hackers had no luck extracting a ransom from Western Digital directly. According to a report by TechCrunch, the group attempted to contact the company about payment in exchange for not releasing stolen information publicly. But the company was stonewalling their attempts to communicate. TechCrunch reported that the hackers claimed to be in possession of 10 terabytes of data and wanted a ransom of “a minimum of eight figures.”

After failing to communicate with Western Digital directly or through the media, the hackers issued a final warning to the company on April 18th through the ALPHV website, threatening to release the data unless the company negotiated a ransom. But it appears the company is still refusing to pay the data thieves.

This week, security researcher Dominic Alvieri told BleepingComputer that ALPHV released 29 screenshots of emails, documents, and video conferences discussing the company’s response to the attack, suggesting that the hacker group still had access to company systems even after they were detected. Leaked images include a “media holding statement” and an email about employees leaking information to the news media about the crisis.

According to BleepingComputer, the newly leaked data includes a new threat from the hackers claiming they have personal customer information and a complete backup of WD’s SAP Backoffice implementation. BleepingComputer states that while the data appears to come from Western Digital, it can’t independently verify its source or if it was stolen in the attack.

Review Geek has reached out to Western Digital for comment.

Sources: BleepingComputer, TechCrunch


Danny Chadwick Danny Chadwick
Danny has been a technology journalist since 2008. He served as senior writer, as well as multimedia and home improvement editor at Top Ten Reviews until 2019. Since then, he has been a freelance contributor to Lifewire and ghostwriter for Fit Small Business. His work has also appeared on Laptop Mag, Tom’s Guide, and business.com. Read Full Bio »