San Francisco, April 14 – Hackers have stolen around 10 TB data from data storage leader Western Digital that allegedly contains customer information.
According to reports, hackers are demanding ransom in “minimum 8 figures” in exchange for not exposing the stolen data online.
One of the hackers spoke with TechCrunch and provided details about the data breach.
“The hacker shared a file that was digitally signed with Western Digital’s code-signing certificate, showing they could now digitally sign files to impersonate Western Digital,” the report mentioned.
The hackers also shared phone numbers allegedly belonging to several company executives.
They were also able to steal data from the company’s SAP Backoffice, a back-end interface that helps companies manage e-commerce data.
“We are the vermin who breached your company. Perhaps your attention is needed! Continue down this path and we will retaliate,” the hackers reportedly wrote in an email to Western Digital executives.
“We only need a one-time payment, and then we will leave your network and let you know about your weaknesses. No lasting harm has been done. But if there are any efforts to interfere with us, our systems, or anything else. We will strike back,” the hackers wrote.
The company declined to comment about the hacker’s claims.
On April 3, Western Digital said that cyber-criminals exfiltrated data from its systems during a “network security incident”.
On March 26, Western Digital had identified a network security incident involving its systems.
In connection with the ongoing incident, an unauthorised third party gained access to a number of the company’s systems. Upon discovery of the incident, the company implemented response efforts and initiated an investigation with the assistance of leading outside security and forensic experts.
“This investigation is in its early stages and Western Digital is coordinating with the law enforcement authorities,” the company had said in a statement.
As part of its remediation efforts, Western Digital was working to restore impacted infrastructure and services.