Western Digital Redux: My Cloud Alive Again, Ransom is $10M+

WD’s My Cloud service is finally back online, but ransomware scrotes demand “eight figures.”

Finally, after some 10 days, Western Digital customers’ My Cloud drives are working again. But the hackers have emerged, asking for a huge payday. Their threat: To release 10 TB of pilfered private data.

But our cat pics are back—panic over, yeah? In today’s SB Blogwatch, we wonder if we can trust WD ever again.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Konnakol metal.

Your Cloud — But For How Long?

What’s the craic? Lorenzo Franceschi-Bicchierai reports—“Hackers claim vast access to Western Digital systems”:

The hackers who breached data storage giant Western Digital claim to have stolen around 10 terabytes of data from the company, including reams of customer information. The extortionists are pushing the company to negotiate a ransom — of a “minimum 8 figures.”

On April 3, Western Digital disclosed … hackers had exfiltrated data. … At the time, Western Digital provided few details.

The hacker said that their goal when they hacked Western Digital was to make money, though they decided against using ransomware to encrypt the company’s files. … The hacker said they have … emailed several executives — using their personal email addresses because the corporate email system is currently down — demanding a “one-time payment.”

Who can bring some good news? Michael Kan can—“Western Digital’s My Cloud Finally Restored”:

The My Cloud service returned on Wednesday, 10 days after Western Digital officially reported an outage that made the online storage platform inaccessible. … It’s unclear why My Cloud was down for so long, and what the hackers stole. Western Digital declined to offer any new comment.

In the meantime, some Western Digital customers are demanding the company be more transparent about the breach and what might’ve been stolen. “We need to know what happened, have our details been compromised and what’s going to happen differently in future!?” wrote one user.

Too late, anyway. So says charlie0:

I’ve been asking myself, why waste time setting up a NAS when there are cloud based alternatives for storing data. Then, news like this comes along and reminds me why.

But a 10-day outage? TinCoyote isn’t hugely surprised:

Not a huge surprise. Honestly, I don’t trust WD to put their pants on the right way every morning, let alone run a value-plus service.

However, u/Zarmazarma is more sympathetic:

Meh. They’re about as good as any consumer grade hard drives. They actually had the lowest failure rate in Backblaze’s 2022 roundup. 3 million drive hours on the Ultra Star 14TB with 0.12% failure rate is actually pretty impressive.

It’s not only customers complaining. Employees too—WDC Employee speaks out:

The company has basically been shut down since 4/3. It is my opinion that the company is not meeting its fiduciary duty to its shareholders by not communicating the impact of the security breach. Employees do not have access to the corporate networks, and essentially no work is being done worldwide.

But what should WD do about the ransom demand? See what sagum says:

Best thing would be for Western Digital to tell them to release the data to the public. That way, everything is out in the open and no one has to second guess what’s in or out, and WD can get back to fixing the issues they have with security and regaining the trust of consumers.

If both the firmware and security certificates are compromised, as far as I’m concerned WD drives are all a security risk going forward unless everything is made public, and rectified.

You shouldn’t worry too much about the firmware, thinks Bert64:

Someone who hacked a company with the goal of infecting their firmware wouldn’t publicise the hack or demand a ransom. If anything, a high profile hack and data leak is very bad for anyone looking to spread malicious firmware – it potentially exposes them, draws more scrutiny and focus on security.

Meanwhile, u/neocatzeo waxes smug:

I have a WD [My Cloud] NAS. The kind that was reported affected. Only mine wasn’t affected since I’ve blocked its internet access since day one.

And Finally:

Andre vs. V. Shivapriya and B.R. Somashekar Jois



You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.

Image sauce: Knowledgebattle (cc:by-sa; leveled and cropped)

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
