Quick Hits

Western Digital Confirms Customer Data Stolen in Ransomware Attack

Company refutes BlackCat claims, saying it still controls digital signature infrastructure.

Since its April 2 disclosure of a ransomware attack, Western Digital has conducted an investigation, which concluded a customer database was stolen that included the personal information of its online customers.

The stolen data set includes the names, physical and email addresses, phone numbers, encrypted and salted passwords, and partial credit card numbers, an update on the ransomware incident from Western Digital said.

Ransomware group BlackCat has been public about its eight-figure ransomware demands to decrypt and return Western Digital's data, even trolling the cyber-incident response team by posting stolen images of their video conference meetings.

Additionally, Western Digital refutes BlackCat's claims to have control of the computer drive manufacturer's code-signing certificate.

"Regarding reports of the potential to fraudulently use digital signing technology allegedly attributed to Western Digital in consumer products, we can confirm that we have control over our digital certificate infrastructure," the company said. "In the event we need to take precautionary measures to protect customers, we are equipped to revoke certificates as needed."

Western Digital added it will continue to investigate data released by BlackCat purported to have been stolen from its systems.

"We are aware that other alleged Western Digital information has been made public," the company added. "We are investigating the validity of this data and will continue reporting our findings as appropriate."

Editors' Choice
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading