Storage producer Western Digital has also been hit by a hack. About 10 terabytes of data would have fallen into the wrong hands, including a lot of customer information. The perpetrators are demanding at least $10 million not to publish the data.
One of the hackers showed TechCrunch how the group gained access to the data. Forging WD’s digital signatures allowed the intruders to impersonate the company. How the hackers initially entered the network is not clear.
Unlike a ransomware attack, the hacker group chose to copy the data only. The ransom demanded is therefore not to regain access to the sensitive data, but to prevent it from being exposed. In exchange for the ransom, the hackers also say they will make it clear how Western Digital can prevent a later attack.
The clear language of the hackers shows that they want to be paid quickly. “Stop the nonsense, collect the money, and let’s part ways. In short, let’s put our ego aside and work towards a solution to this chaotic situation.” According to the group member, Western Digital was not attacked for any specific reason. The group chooses their targets ‘randomly’, says the hacker.
Last year we already wrote that companies often choose to accept the offer to pay a ransom. There have been countless examples of hacking incidents in recent years. For example, Samsung was also robbed of customer data last year.
Western Digital’s My Cloud service was offline for two weeks due to the hack, but is now available again.