View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Western Digital cyberattack sees My Cloud services taken offline

The attack was spotted last week, but the storage company has yet to disclose when services might return.

By Claudia Glover

Global storage giant Western Digital has been hacked, leading the company to shut down numerous cloud systems. The incident was detected a week ago but has yet to be resolved, the company said in a statement released earlier today.

Cloud storage giant Western Digital confirms cyberattack. (Photo by Nor Gal/Shutterstock)

Western Digital said an internal investigation is still in its early stages, and that it is coordinating with law enforcement agencies.

Traditionally a vendor of hard drives and other storage devices, it has been building out its cloud services over the past five years with the advent of more network-attached storage options, which connect to the company’s My Cloud platform. In 2022 it reported revenue of $18.7bn, 42% of which derived from cloud storage.

Western Digital announces cyberattack

All services in Western Digital’s My Cloud portfolio, which is used by businesses and consumers, are currently offline, according to the company’s status page. The source of the problem was a “network security incident involving some of its systems,” a statement released this afternoon says.

When unauthorised access to its network was discovered on March 26, Western Digital “implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts,” the statement said. “This investigation is in its early stages and Western Digital is coordinating with law enforcement authorities.”

It added it is “implementing proactive measures to secure its business operations including taking systems and services offline and will continue taking additional steps as appropriate. As part of its remediation efforts, Western Digital is actively working to restore impacted infrastructure and services.”

“Based on the investigation to date, the company believes the unauthorised party obtained certain data from its systems and is working to understand the nature and scope of that data,” the company added, promising to update customers further in the coming days.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Angry customers have taken to Twitter to air their displeasure at the outage.

At the time of writing, efforts to log in to the service show a “503 Service Temporarily Unavailable” error. Tech Monitor has contacted Western Digital for more information on the breach and when services might be restored. An attack on another cloud service, Rackspace, before Christmas ended up taking more than a month to resolve.

It is the second high-profile breach in recent days, after IT services giant Capita confirmed a hack affected its services on Friday. The incident affected access to internal Microsoft Office 365 applications at Capita, causing disruption to clients across the UK, including government organisations.

“Working in collaboration with our specialist technical partners, we have restored Capita colleague access to Microsoft Office 365 and we are making good progress restoring remaining client services in a secure and controlled manner,” the company said.

Read more: New US cybersecurity strategy targets foreign hackers

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.