Western Digital doesn't have the best track record with security, so it's not much of a surprise that the company just got hacked again. The breach has also shut down most of the company's online services, including My Cloud.

Western Digital disclosed earlier today that it had suffered a "network security incident involving some of its systems." The company is still investigating, so there aren't many details yet. However, Western Digital is "implementing proactive measures to secure its business operations including taking systems and services offline." That leaves just about all WD's services offline right now, including My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, and SanDisk Ixpand Wireless Charger.

Western Digital sells many home NAS drives and systems, all of which are currently inaccessible from outside their home network. The drives generally support Samba (SMB) connectivity, where they appear as standard network drives on Windows, macOS, and Linux, but they require logging into WD's online platform for external access.

This is far from the first time Western Digital has had security problems, though most of them have been with security vulnerabilities in the NAS drives, rather than a problem with online infrastructure. In 2017, it was possible for hackers to gain unrestricted root access to a My Cloud drive using an admin backdoor -- the username was "mydlinkBRionyg" and the password was "abc12345cba." Western Digital eventually fixed that, but another remote access vulnerability was discovered in 2021, and WD didn't even fix all of the affected drives. Around the same time, many owners of the My Book Live drive had their data remotely deleted by hackers, even if they had cloud features turned off.

Via: Bleeping Computer

Source: Western Digital