Hackers target Western Digital to steal data

US-based data storage supplier Western Digital said it was targeted by a cyberattack last month, which gave hackers unauthorised access to multiple company systems and disrupted some of its business operations. Hackers are also believed to have stolen some data from compromised systems. 

The firm said that its IT team detected a network security incident on March 26 and is investigating it with assistance from security and forensic experts, while also coordinating with law enforcement authorities on the matter. 

To contain the impact of the cyberattack on its operations, Western Digital said that it has taken several systems and services offline and is actively working to restore impacted infrastructure and services. Western Digital's initial investigation shows that hackers have stolen some data from its systems and it is still in the process of figuring out its “nature and scope”. 

“While Western Digital is focused on remediating this security incident, it has caused and may continue to disrupt parts of the company’s business operations,” the firm said in a statement. 

Services that have been impacted by the cyberattack include My Cloud service, which includes personal cloud storage for home users. According to the My Cloud webpage, it is experiencing a service outage, which has impacted My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, and SanDisk Ixpand Wireless Charger. 

Western Digital is one of the leading suppliers of data storage to the consumer electronics and data center industry. Last year it accounted for 37% of the global hard disk drive (HDD) shipments after Seagate (43%), according to a January report by Statista. 

In addition to HDDs, the firm also supplies solid-state drives (SSD) and memory cards. It acquired SanDisk, one of the biggest flash memory manufacturers, in 2016 for $19 billion. 

The firm reported revenue of $3.11 billion in its Q2 2023 financial results, released in January. The cloud segment accounted for 39% of its total revenue, followed by the client (35%) and consumer (26%) segments. 

Shift to remote and hybrid work due to the pandemic has led to an increase in network security incidents, forcing companies to upgrade firewalls, implement network segmentation, and intrusion prevention systems.