Western Digital has fallen victim to a cyber attack. As a result, disruptions in accessing WD My Cloud occurred and continue to occur. More detailed information is missing so far.
Problems since the end of March
Many users have had problems accessing the cloud service WD My Cloud since the weekend. Western Digital has now announced that an attack on its own systems took place on March 26. Since then, the company has been working with the relevant authorities as well as security researchers to clarify and solve the problem.
Western Digital also announced that the attackers initially managed to penetrate a single system of the company. From there, they were able to gain access to other Western Digital systems.
It is not yet known what data was accessed. The company has stated that it is currently investigating this matter – and assumes that data has been stolen. Thus, it is also unclear what impact the attack will have for the company as well as for users.
Business disruptions
Meanwhile, further disruptions to business operations, which may go beyond the previous connectivity issues with My Cloud, are to be expected. Western Digital, for example, has said that it may shut down individual components of its offerings. This is to be expected until the incident is completely clarified. Further details have not been announced yet. It is therefore difficult for users to estimate what kind of disruption they will have to expect and for how long. Further information can be expected in due course.
Western Digital is known for its cloud storage solutions, which are aimed at both companies and private individuals. Those who have outsourced their entire digital infrastructure to Western Digital’s cloud face correspondingly large problems. In the past few years, Western Digital has repeatedly had to deal with security problems. For example, for a year and a half, exploits were found on the Internet that allowed admin access to NAS devices from Western Digital. In January 2022, further security vulnerabilities were closed, which also facilitated third-party access.