Hackers are threatening to publish stolen data from a recent breach of Western Digital’s systems in March unless the company pays a hefty ransom. But the hard drive maker is not playing ball.
Earlier this month, Western Digital revealed a “network security incident” where an “unauthorized third party gained access to a number of the Company’s systems.” WD also admitted that the attackers “obtained certain data from its systems” but didn’t release any additional information about the stolen data.
According to this Techcrunch report, the hackers claim to have stolen at least 10TB of the company’s data, including customer information. The hackers shared some of the stolen data with Techcrunch so that it could independently verify that it was legit. They said they plan to release the data publicly unless Western Digital pays a “minimum 8 figures” in ransom for it.
The hackers claim to have attempted to communicate with Western Digital, saying that “they have called them many times. They don’t answer and if they do they listen and hang up.”
They also shared a series of emails sent to Western Digital executives demanding money with Techcrunch. The tone in these emails grows increasingly desperate and hostile as time passes.
“We only need a one-time payment, and then we will leave your network and let you know about your weaknesses. No lasting harm has been done. But if there are any efforts to interfere with us, our systems, or anything else. We will strike back,” the hackers wrote.
“We are still buried in your network, and we will keep digging there until we find a payment from you. We can completely conceal this and make it all disappear. Before it is too late, let us do that,” they continued.
“Cut the crap, get the money, and let’s both go our separate ways. Simply put, let us put our egos aside and work to find a resolution to this chaotic scenario.”
The hackers declined to identify themselves and said Western Digital was targeted “randomly.” If Western Digital doesn’t agree to pay the ransom, the hackers say the data will be published on the website of the ransomware group Alphv, which they claim they have no direct affiliation with.