Data storage devices maker Western Digital on Monday disclosed a “network security incident” that involved unauthorized access to its systems.
The breach is said to have occurred on March 26, 2023, enabling an unnamed third party to gain access to a “number of the company’s systems.”
Following the discovery of the hack, Western Digital said it has initiated incident response efforts and enlisted the help of cybersecurity and forensic experts to conduct an investigation.
It also said it’s coordinating with law enforcement agencies on the matter, adding the probe is in its initial stages.
The company has taken several of its services offline, noting that the threat actor may have obtained “certain data from its systems” and that it’s working on estimating the nature and scope of the data accessed.
Become an Incident Response Pro!
Unlock the secrets to bulletproof incident response – Master the 6-Phase process with Asaf Perlman, Cynet’s IR Leader!
While Western Digital did not reveal the exact services that are impacted, the My Cloud status page shows that cloud, proxy, web, authentication, emails, and push notification services are down.
“Western Digital is currently experiencing a service outage impacting the following products: My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, SanDisk Ixpand Wireless Charger,” the company said in a message posted on April 2.