Security News > 2023 > May > Western Digital: Customer info stolen in that IT attack
Customer information was stolen from the IT systems of Western Digital in that March IT security breach, forcing the storage manufacturer to shut down its online store until at least next week.
Western Digital first disclosed the intrusion in early April, saying that in late March its engineers discovered someone had broken into "a number" of the biz's systems.
What wasn't included in the letter were offers from Western Digital to provides such services a credit monitoring, a step that companies whose customers' data was exposed typically offer.
The crooks claiming to have orchestrated the theft boasted at one point they had stolen 10TB of data from Western Digital, including WD's code-signing certificate.
In late April, the BlackCat ransomware group - also known as ALPHV - posted to its own website purported screenshots of data stolen from WD and reportedly interrupted a video-conference call among Western Digital's security incident response team and taunted the group, even going as far as to sharing a screenshot of the meeting, according to cyber researcher Dominic Alvieri.
Another user said that "We need laws that heavily hurt companies that suffer 'customer data breaches', and hurt them even more if they are found to try and cover them up. We need to incentivize these companies to stop holding customer data."
News URL
https://go.theregister.com/feed/www.theregister.com/2023/05/08/western_digital_customer_data/