Western Digital, a leading digital storage company, has recently announced that an unauthorised third party gained access to its systems, resulting in a data breach affecting the personal information of its online store customers. This incident comes shortly after a network security incident prompted Western Digital to take its cloud services offline. In this article, we will delve into the details of the breach, the information compromised, and the company’s response to the situation.

The Data Breach and Compromised Information:

The breach exposed sensitive customer data, including customer names, billing and shipping addresses, email addresses, and telephone numbers. The stolen database also contained encrypted hashed and salted passwords, as well as partial credit card numbers. Western Digital has reassured its customers that it will directly communicate with those impacted by the breach to provide further information and guidance.

The Extortion Attempt and Ransom Demand:

It was revealed that the threat actors responsible for the breach were in possession of approximately 10 terabytes of data and were engaging in negotiations with Western Digital for a ransom amounting to a minimum eight-figure sum. While the identity of the extortionists was initially unknown, ALPHV (aka BlackCat) ransomware actors have since claimed responsibility for the theft. They issued an ultimatum to Western Digital, threatening to release “important documents” and “priceless artefacts” if the ransom was not paid.

Publication of Stolen Data and Continued System Access:

ALPHV ransomware actors have further demonstrated their access to Western Digital’s systems by publishing screenshots on the dark web. These screenshots include video calls, emails, and documents related to the company’s incident response efforts. Western Digital has acknowledged this publication and is actively investigating the validity of the data. The company also assured customers that it retains control over its digital certificate infrastructure.

Response and Impact:

In response to the breach, Western Digital has temporarily taken its online store offline to investigate the incident thoroughly and implement necessary security measures. The company plans to restore online store access during the week of May 15, 2023. The My Cloud service, however, has already been restored as of April 13, 2023. The exact number of affected customers has not been disclosed by Western Digital at this time.

Ensuring Security and Rebuilding Trust:

Western Digital is committed to investigating the breach and mitigating any potential harm caused by the incident. The company aims to rebuild customer trust by implementing robust security measures and enhancing its data protection protocols. By taking these proactive steps, Western Digital strives to safeguard customer information and prevent future data breaches.


The unauthorised access and data breach experienced by Western Digital’s online store has raised concerns about the security of customer data. The incident highlights the importance of robust cybersecurity measures and constant vigilance in today’s digital landscape. Western Digital is actively responding to the breach, working to restore its online store and strengthen its security infrastructure. As customers, it is essential to remain vigilant, monitor personal accounts for any suspicious activity, and follow any instructions or updates provided by Western Digital to protect sensitive information.