Data storage devices maker Western Digital on Monday disclosed a “network security incident” that involved unauthorized access to its systems.
The breach is said to have occurred on March 26, 2023, enabling an unnamed third party to gain access to a “number of the company’s systems.”
Following the discovery of the hack, Western Digital said it has initiated incident response efforts and enlisted the help of cybersecurity and forensic experts to conduct an investigation.
It also said it’s coordinating with law enforcement agencies on the matter, adding the probe is in its initial stages.
The company has taken several of its services offline, noting that the threat actor may have obtained “certain data from its systems” and that it’s working on estimating the nature and scope of the data accessed.
While Western Digital did not reveal the exact services that are impacted, the My Cloud status page shows that cloud, proxy, web, authentication, emails, and push notification services are down.
“Western Digital is currently experiencing a service outage impacting the following products: My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, SanDisk Ixpand Wireless Charger,” the company said in a message posted on April 2.
Western Digital, in a message shared on April 3, said that it’s “currently experiencing a service interruption that is preventing customers from accessing the My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS 5, SanDisk ibi, SanDisk Ixpand Wireless Charger service.”
It also noted that it’s “working urgently to resolve the issue and restore access as soon as possible.”