Western Digital has confirmed that hackers accessed customer data as part of the breach in March this year.
On April 2, 2023, Western Digital released a press release that provided information on what the company called a “network security incident.” The document also confirmed that on March 26, an “unauthorized third party” gained access to a number of Western Digital’s systems. In addition, the company stated that it had initiated an investigation with the assistance of leading outside security and forensic experts.
What action did Western Digital take against the hackers?
At the time, Western Digital implemented proactive measures to secure its business operations, such as taking systems and services offline. The company also confirmed that the hackers had obtained data from its systems. However, at that time, Western Digital was still investigating to work out the nature and scope of the data that had been accessed.
What’s being said now?
On May 5, Western Digital issued another press release on the network sectary incident. The company has now confirmed that the “unauthorized party obtained a copy of a Western Digital database.” The press release also confirmed that the database was used for the company’s online store and contained the personal information of online store customers. This information included customer names, billing and shipping addresses, email addresses and telephone numbers. In addition, the database contained, in encrypted format, hashed and salted passwords and partial credit card numbers.
Western Digital stated that it is communicating directly with customers whose details were obtained by the hackers. The company also revealed that it was aware that other alleged Western Digital information had been made public. In response, Western Digital said that it’s investigating the validity of this data and will report its findings “as appropriate.”
What we think
It’s always a concern when a company has a data breach. It’s also a bigger worry when the breach potentially involves shopping data and payment details. As such, it’s good practice to regularly change your passwords. You should also ensure you don’t share passwords between different accounts or logins. In addition, if Western Digital contacts you, make sure you act on any recommendations.