Western Digital has been embroiled in a high-tech hostage crisis for over a month since hackers stole terabytes of sensitive information from the company. Now, the group known as ALPHV ransomware (aka BlackCat) has leaked some data to extract money from the company, BleepingComputer reports.
The initial breach occurred on March 26th, when the hackers were able to infiltrate WD’s internal network. The company disclosed the incident in a terse statement on April 3rd and described the attack as a “Network Security Incident.” Few details were given about the attack, but the company stated it was responding with proactive measures that included taking its cloud storage systems offline. Services to My Cloud Home were restored about two weeks later.
However, the hackers had no luck extracting a ransom from Western Digital directly. According to a report by TechCrunch, the group attempted to contact the company about payment in exchange for not releasing stolen information publicly. But the company was stonewalling their attempts to communicate. TechCrunch reported that the hackers claimed to be in possession of 10 terabytes of data and wanted a ransom of “a minimum of eight figures.”
After failing to communicate with Western Digital directly or through the media, the hackers issued a final warning to the company on April 18th through the ALPHV website, threatening to release the data unless the company negotiated a ransom. But it appears the company is still refusing to pay the data thieves.
You have to read this final warning.@westerndigital @BleepinComputer https://t.co/P625juLWo1 pic.twitter.com/ohvc2QRP7g
— Dominic Alvieri (@AlvieriD) April 18, 2023
This week, security researcher Dominic Alvieri told BleepingComputer that ALPHV released 29 screenshots of emails, documents, and video conferences discussing the company’s response to the attack, suggesting that the hacker group still had access to company systems even after they were detected. Leaked images include a “media holding statement” and an email about employees leaking information to the news media about the crisis.
According to BleepingComputer, the newly leaked data includes a new threat from the hackers claiming they have personal customer information and a complete backup of WD’s SAP Backoffice implementation. BleepingComputer states that while the data appears to come from Western Digital, it can’t independently verify its source or if it was stolen in the attack.
Review Geek has reached out to Western Digital for comment.
Sources: BleepingComputer, TechCrunch