Global storage giant Western Digital has been hacked, leading the company to shut down numerous cloud systems. The incident was detected a week ago but has yet to be resolved, the company said in a statement released earlier today.
Western Digital said an internal investigation is still in its early stages, and that it is coordinating with law enforcement agencies.
Traditionally a vendor of hard drives and other storage devices, it has been building out its cloud services over the past five years with the advent of more network-attached storage options, which connect to the company’s My Cloud platform. In 2022 it reported revenue of $18.7bn, 42% of which derived from cloud storage.
Western Digital announces cyberattack
All services in Western Digital’s My Cloud portfolio, which is used by businesses and consumers, are currently offline, according to the company’s status page. The source of the problem was a “network security incident involving some of its systems,” a statement released this afternoon says.
When unauthorised access to its network was discovered on March 26, Western Digital “implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts,” the statement said. “This investigation is in its early stages and Western Digital is coordinating with law enforcement authorities.”
It added it is “implementing proactive measures to secure its business operations including taking systems and services offline and will continue taking additional steps as appropriate. As part of its remediation efforts, Western Digital is actively working to restore impacted infrastructure and services.”
“Based on the investigation to date, the company believes the unauthorised party obtained certain data from its systems and is working to understand the nature and scope of that data,” the company added, promising to update customers further in the coming days.
Angry customers have taken to Twitter to air their displeasure at the outage.
At the time of writing, efforts to log in to the service show a “503 Service Temporarily Unavailable” error. Tech Monitor has contacted Western Digital for more information on the breach and when services might be restored. An attack on another cloud service, Rackspace, before Christmas ended up taking more than a month to resolve.
It is the second high-profile breach in recent days, after IT services giant Capita confirmed a hack affected its services on Friday. The incident affected access to internal Microsoft Office 365 applications at Capita, causing disruption to clients across the UK, including government organisations.
“Working in collaboration with our specialist technical partners, we have restored Capita colleague access to Microsoft Office 365 and we are making good progress restoring remaining client services in a secure and controlled manner,” the company said.