Western Digital suffers cyber attack, shuts down systems

Western Digital logo on a smartphone
(Image credit: Getty Images)

Western Digital has revealed it has been hit by a cyber attack, forcing the company to shut down some of its systems.

The company said on 3 April that it identified a network security incident on 26 March. It confirmed that an unauthorised third party gained access to a number of the company’s systems.

After realising it had been breached, Western Digital enacted its incident response protocols and hired external security and forensic experts.

The data storage company said the investigation is still in the early stages, but it’s also coordinating with law enforcement authorities.

Western Digital said it is taking systems and services offline to “secure its business operations”. It’s currently working to restore impacted infrastructure or services.

“Based on the investigation to date, the company believes the unauthorised party obtained certain data from its systems and is working to understand the nature and scope of that data,” the company said.

See more

Western Digital warned that the cyber attack may cause some disruption to its business operations as it is focusing its efforts on “remediating this security incident”.

The company is currently experiencing a widespread service outage on a range of its products, including its network attached storage (NAS) devices:

  • My Cloud
  • My Cloud Home
  • My Cloud Home Duo
  • My Cloud OS5
  • SanDisk ibi
  • SanDisk Ixpand Wireless Charger

“We are working to restore service. We apologise for any inconvenience. Next update will be posted on Monday, April 3,” Western Digital said on its My Cloud service status page.

It appears that cloud, proxy, web, authentication, emails, and push notification services are all down.

See more

A number of users have shared on Twitter that they are experiencing difficulties with logging into the My Cloud service.

See more

"The login service for WD My Cloud Home is unavailable,” tweeted Alejandro Lorente. “Thank you @westerndigital for not letting me access my data that I have in the living room.”

Full details of the incident are yet to be revealed, but Western Digital is the latest in a string of high-profile organisations to have been breached in recent weeks.

Many others including Pension Protection Fund UK, the City of Toronto, Rubrik, and others are all thought to have been attacked via exploits of Fortra's GoAnywhere product.

Ransomware gang Cl0p has previously claimed that it has breached more than 130 organisations through exploits of the vulnerability, and posted American multinational Procter and Gamble on its victim blog on Monday morning as its latest high-profile attack.

Zach Marzouk

Zach Marzouk is a former ITPro, CloudPro, and ChannelPro staff writer, covering topics like security, privacy, worker rights, and startups, primarily in the Asia Pacific and the US regions. Zach joined ITPro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to ITPro as a staff writer during the pandemic, before joining the world of freelance in 2022.