What Business Owners Can Learn From the Western Digital Breach
A month after the breach, Western Digital provided an update on a network security incident involving its systems. It also notified customers that their personal data had been compromised.
What happened?
On March 26, 2023, a network security incident was uncovered wherein an unauthorized third party successfully infiltrated several of the company’s systems.
On April 2, 2023, it was publicly communicated that immediate incident response measures were deployed upon detection of the breach. As a precautionary measure, it proactively disconnected its systems and services from the public Internet. This included its My Cloud service, its personal cloud storage service, and its online store. The former was restored on April 13, 2023, while the latter is expected to be restored the week of May 15, 2023.
How many people were affected?
In its latest update, Western Digital has yet to reveal the extent or the scope of the breach, as it is an ongoing investigation. However, it did disclose that an unauthorized party obtained a copy of a Western Digital database used for its online store that contained some personal information of its customers.
This information included:
- customer names,
- billing and shipping addresses,
- email addresses, and
- telephone numbers.
In addition, the database contained, in encrypted format, hashed and salted passwords and partial credit card numbers.
What do we know about the attack?
Western Digital has yet to disclose the nature of the attack.
What lessons can we learn and apply?
The importance of having an incident/breach response plan cannot be overstated in today’s digital age. A well-defined incident response plan can help minimize the damage caused by a security incident, such as data theft, system disruption, or reputational damage.
An incident response plan should include clear procedures and guidelines for identifying, analyzing, containing, and resolving any security incidents. It should also define the roles and responsibilities of different stakeholders, such as IT staff, management, legal counsel, and public relations.
In Western Digital’s context, the lack of an initial announcement left customers fuming at the sudden My Cloud outage, as they were unable to access their files. The proactive disconnection, though intended to prevent further damage, left customers anxious. Even a 12-hour delay in announcing the breach can have negative consequences on brand perception; Western Digital took more than 24 hours. Considering the services offered (personal cloud storage), the response time could be improved.
In addition, customer communication is another area of improvement. Its social media presence was unable to adequately answer customer queries regarding the breach. This is another gap in incident response that can be addressed – how to answer customers’ questions about the incident.
By having a well-designed incident response plan in place, organizations can minimize the impact of a security breach and protect their assets and reputation.
The post What Business Owners Can Learn From the Western Digital Breach appeared first on GuardRails.
*** This is a Security Bloggers Network syndicated blog from GuardRails authored by GuardRails. Read the original post at: https://blog.guardrails.io/what-business-owners-can-learn-from-the-western-digital-breach/