Western Digital customers who have used the company's Western Digital online store may have had personal information stolen by hackers.
The company revealed in early April 2023 that it suffered a security breach in March 2023 and took some systems offline as a consequence. The information published at the time was scarce. Western Digital did confirm that hackers gained access to several company systems and that it has started an investigation into the breach.
Online magazine Techcrunch managed to talk to one of the alleged hackers in mid-April 2023. It turned out that the hackers managed to obtain about 10 terabytes of data from Western Digital, including internal data. It was still unclear, at this point, if and how Western Digital customers were affected by the breach.
Western Digital has sent out emails to customers on May 5, 2023 in which it informs them about the network security incident. In it, the company confirms that an "unknown third party" managed to access customer data.
In particular, the party managed to obtain access to "limited personal information" from an online store database. The database contains personal information, including "customer names, billing and shipping addresses, email addresses, and telephone numbers". It also included hashed user passwords and "partial credit card numbers" according to Western Digital's emails.
The company has suspended access to its online store and the ability to make online purchases, according to the email. It expects to restore access in the week of May 15, 2023.
Western Digital warns customers that they may receive unsolicited communications. These may ask for personal information, or the clicking on links or viewing of attachments.
Affected Western Digital customers may want to check their password usage. If they have reused the password used on the WD Store, they may want to change it immediately. Once the Store's functionality is restored, they may also want to change the password at the Store.
As Western Digital mentioned in the email, it is possible that customers may be contacted by third-parties using the stolen information. This may happen via email, but since phone numbers and addresses may also be known, it may also happen through these channels. Extra caution is advised.
Closing Words
The hackers may use the data of Western Digital customers in a number of way. They may sell it on the darknet, or use it for their own attacks against particular customers. Western Digital should consider resetting all Western Digital Store account user passwords, as this blocks attacks against the existing user accounts entirely.
Now You: what is your take on Western Digital's response to the incident?
Thank you for being a Ghacks reader. The post Western Digital informs customers that hackers stole personal data appeared first on gHacks Technology News.
0 Commentaires