Hackers have reportedly stolen some 10TB of data from Western Digital and are threatening to release it.
Western Digital revealed the breach in early April, saying “an unauthorized third party gained access to a number of the Company’s systems.” The company said at the time that it “believes the unauthorized party obtained certain data from its systems and is working to understand the nature and scope of that data.”
According to TechCrunch, “certain data” doesn’t quite cover the entire scope of the breach, with the hackers telling the outlet that they stole some 10TB. The hackers’ motivation was money, but they say Western Digital has not been willing to engage with them.
“I want to give them a chance to pay but our callers […] they have called them many times. They don’t answer and if they do they listen and hang up,” the hacker speaking to TC said.
The hackers have emailed the company in their efforts to negotiate a “minimum 8 figures” ransom. The hackers have also emailed some executives’ personal email addresses:
“We are the vermin who breached your company. Perhaps your attention is needed!” the hackers wrote, according to a copy of the email the hackers shared with TechCrunch. “Continue down this path and we will retaliate.”
“We only need a one-time payment, and then we will leave your network and let you know about your weaknesses. No lasting harm has been done. But if there are any efforts to interfere with us, our systems, or anything else. We will strike back,” the hackers continued. “We are still buried in your network and we will keep digging there until we find a payment from you. We can completely conceal this and make it all disappear. Before it is too late, let us do that. Until now, you have been gracious; Let’s hope that you do not keep going the wrong way.”
“Cut the crap, get the money, and let’s both go our separate ways. Simply put, let us put our egos aside and work to find a resolution to this chaotic scenario,” the hackers wrote.
To make matters worse, the hackers have access to the company’s code-signing certificates:
One of the hackers spoke with TechCrunch and provided more details, with the goal of verifying their claims. The hacker shared a file that was digitally signed with Western Digital’s code-signing certificate, showing they could now digitally sign files to impersonate Western Digital. Two security researchers also looked at the file and agreed it is signed with the company’s certificate.
In terms of breaches, this is about as bad as it gets.
