- Western Digital Corp WDC hackers are claiming a ransom — of a "minimum 8 figures" in exchange for not publishing 10 terabytes of data stolen from the company.
- The data stolen includes reams of customer information, TechCrunch reports.
- On April 3, Western Digital updated on a network security incident identified on March 26, 2023. An unauthorized third party accessed several of the company's systems in connection with the ongoing incident.
- Also Read: Cybersecurity Firm Warns Financially Motivated Cyber Criminals Actively Exploiting Zero-Day Vulnerabilities, Microsoft Patches Bug
- One of the hackers proved they could now digitally sign files to impersonate Western Digital.
- They also shared phone numbers allegedly belonging to several company executives.
- One of the hackers shared screenshots showing a folder from a Box account belonging to Western Digital, an internal email, files stored in a PrivateArk instance (a cybersecurity product), and a screenshot of a group call where one of the participants is Western Digital's chief information security officer.
- The hackers also said they were able to steal data from the company's SAP Backoffice, which helps companies manage e-commerce data.
- Their goal was to make money, though they decided against using ransomware to encrypt the company's files.
- The hacker said they have also emailed several executives — using their email addresses because the corporate email system is currently down — demanding a "one-time payment."
- Hackers said they come up with targets "randomly. They exploit vulnerabilities within their infrastructure and reach the global administrator of their [Microsoft Corp MSFT] Azure tenant.
- The hacker threatened to start publishing the stolen data on the website of the ransomware gang Alphv if Western Digital failed to give in to their demands.
- Price Action: WDC shares traded higher by 3.04% at $38 premarket on the last check Friday.
© 2023 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.