Share this article on:
Computer hardware manufacturer Western Digital has had salt added to a wound left by a recent cyber attack, with the threat group behind it publishing taunting screenshots of the company’s response to the breach.
Hackers allegedly from the ALPHV ransomware group behind the BlackCat hacking operation have suggested that it had access to Western Digital’s network even after the attack was discovered after it leaked screenshots of emails and video conferences about the hardware manufacturer’s response to the attack.
Western Digital suffered a cyber attack on 26 March, after it was discovered that cyber criminals had gained access to the company’s network and stolen data.
While there was no sign of ransomware being used or that any files were encrypted, the hardware manufacturer shut down its cloud services for a fortnight.
“On March 26, 2023, Western Digital identified a network security incident involving Western Digital’s systems,” the company said in a press release.
“In connection with the ongoing incident, an unauthorised third party gained access to a number of the company’s systems.”
The criminal allegedly behind the attack revealed that they had stolen over 10 terabytes of data, sharing samples of the data with tech publication TechCrunch. Data includes unlisted phone numbers, screenshots of internal data and stolen code-signing keys.
While the threat actor claimed not to have any relation with it, the ALPHV ransomware group behind the BlackCat hacking operation claimed responsibility, posting a message on its data leak site.
The group is now threatening to publish data unless a ransom is paid. Otherwise, Western Digital would suffer until it “cannot stand anymore”, according to statements it issued on 17 April.
Now, the group has heightened its threats, posting a number of screenshots and videos detailing Western Digital’s initial response to the attack, which saw it trying to identify the vulnerability that ALPHV used to access its network.
Among the leaked data are video conferences and emails about the attack, as well as employee emails to the press leaking information and the “media holding statement”, all of which is a nod from the hacking group saying, “we’re still here”.
Despite the leaks, which are yet to be verified as real, Western Digital is not negotiating ransom with ALPHV.
Cyber Security Connect has reached out to Western Digital for comment on the leaked screenshots; however, it said that it didn't "have any further comment at this time."