Data storage devices manufacturer Western Digital announced a “network security incident” involving unauthorized access to its systems.
The breach reportedly occurred on March 26, 2023, and allowed an unidentified third party to gain access to “a number of the company’s systems.”
Western Digital issued a statement on Monday confirming that an unauthorized third party accessed “a number” of the company’s internal systems on March 26.
The nature of the incident and how it occurred have not been confirmed by the company, but the statement suggests that ransomware may have played a role.
According to Western Digital, an external source was able to breach its defenses and infiltrate its systems, although the specific details of the incident have not been disclosed.
The company has since taken measures to investigate the situation, including engaging outside experts and involving law enforcement.
In addition, Western Digital has shut down some of its services in an effort to protect itself.
“Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts”Western Digital
While declining to respond to questions from TechCrunch, the company said it was “implementing proactive measures to secure its business operations” and is working to restore the impacted infrastructure and cloud services.
However, these measures may affect certain Western Digital services.
The company acknowledged that the incident “has caused and may continue to cause disruption to parts of the Company’s business operations.”
Since Sunday, several users of Western Digital’s network-attached storage (NAS) service My Cloud have reported issues accessing their cloud-hosted media repositories.
As of the time of writing, attempting to log in to the service, including the Home version, results in a “503 Service Temporarily Unavailable” error.