Cybercriminals who hacked into Western Digital (WD) resources and stole sensitive data in late March 2023 released screenshots of internal emails and other documents, which they say indicate the company’s efforts to resolve the incident are insufficient were.
A total of 29 screenshots of emails, documents, and video conferences related to WD’s post-hack actions were found. It’s logical to assume that hackers still have access to the company’s systems, but that doesn’t necessarily have to be the case. Usually, after such incidents, victims of cyber criminals try to understand how access was gained, after which the vulnerability is blocked. In other words, there may be some time between detecting a hack and responding to an incident – this is the window where hackers might take screenshots.
At the end of March, unknown attackers hacked into WD systems and stole 10 TB of confidential data – they did not encrypt it and stated that they are not connected to other ransomware groups. The hackers demanded that the company pay the ransom and threatened to harm the company if they did not. Cyber criminals also shared some of the information with journalists, but concluded that its authenticity could not be confirmed by an independent audit. To address the vulnerability, WD temporarily blocked access to its cloud services. The company did not comment on the release of screenshots.