Users of the Western Digital My Cloud service are fuming after a network breach has locked them out of their data for more than 24 hours and has put company-handled information into the hands of currently unknown hackers.
The inability to access data stored in My Cloud was reported on social media by multiple users, including this one, who indicated the outage started sometime on Saturday. Since then, the number of users (and their anxiety levels) have only ratcheted up.
Sounds like ransomware
By early morning California time on Monday, Western Digital issued a release saying that a week ago Sunday the company learned that an “unauthorized third party gained access to a number of the Company’s systems.” The release added: “Based on the investigation to date, the Company believes the unauthorized party obtained certain data from its systems and is working to understand the nature and scope of that data.”
The status page for My Cloud was updated on Sunday to show that services including My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, and SanDisk Ixpand Wireless Charger are completely down. The page provided no estimate on when service may be restored. The outage means that users cannot access any data they stored in My Cloud. The outage also extends to the ability to use proxy, web, authentication, email, and push notifications.
There are currently no details available about the unauthorized access of Western Digital’s network and the theft of its data. Brett Callow, a ransomware expert at security firm Emsisoft, said: “It’s impossible to say for sure, but it sounds like Western Digital may have a #ransomware incident.” That raises the possibility that data stored in My Cloud or code needed for customers to access it has fallen into the hands of criminal hackers.
Locked out
Many users took to social media to report that the outage locked them out of data they needed to perform work tasks. “The login service for WD My Cloud Home is unavailable,” one user wrote on Sunday. “Thank you @westerndigital for not letting me access my data that I have in the living room.” On Monday morning, another user wrote: “@westerndigital When are you gonna fix the 503 error? I need to access the information ? Since Saturday i cannot enter in the cloud.”
While Western Digital provides customers with a storage device that stores data locally, the accompanying My Cloud service allows them to back it up to an off-premises server and to access the contents remotely over the Internet. According to posts like this one on Western Digital’s customer support pages, users by default must authenticate themselves on MyCloud.com to enable local network access to My Cloud data. With home.mycloud.com delivering a 503 error, many users are effectively locked out.
Western Digital representatives didn’t respond to an email asking what the current status of the outage is and what, if any, steps users can take to regain access to their data while it continues.
Western Digital is warning that the incident “has caused and may continue to cause disruption to parts of the Company’s business operations.” The company also said it is “implementing proactive measures” and is working to restore affected infrastructure and services. The company added that it retained an unnamed security firm to investigate and is also coordinating with law enforcement.