"Western Digital Confirms Ransomware Group Stole Customer Information"

Western Digital recently confirmed that cybercriminals have stolen customer and other information after breaching its systems.  According to the digital storage giant, a security breach was discovered on March 26.  The company noted that it shut down some services in early April as part of its incident response activities and informed customers about a cyberattack.  However, it did not share any updates until May 5.  Western Digital's second public statement comes just days after a ransomware group known as Alphv/BlackCat started publishing screenshots showing the extent of their access.  The screenshots appear to show video calls, emails, and internal documents discussing the cyberattack, as well as internal tools, invoices, and confidential communications.  The adversaries have threatened to make public customers' personal information, firmware, code signing certificates, and intellectual property if they do not pay up.  In the statement issued on Friday, WD confirmed that the hackers accessed a database associated with its online store that contained customers' personal information, including names, billing and shipping addresses, phone numbers, email addresses, hashed and salted passwords, and partial credit card numbers.  The impacted online store is expected to be restored in the week of May 15.  The My Cloud service, which was also shut down following the hack, was restored in mid-April.  The company said it's still investigating the validity of the other data made public by the ransomware group. 

SecurityWeek reports: "Western Digital Confirms Ransomware Group Stole Customer Information"