Western Digital has provided more information on the extent of damage caused by the recent cyberattack in March. On March 26, 2023, the company identified a network security incident in which an unauthorized third party gained access to some of its systems. On April 2, 2023, the company announced that it had responded upon discovery of the incident and launched an investigation with the help of leading security industry experts. This investigation is still ongoing and the company is looking to analyze the nature and extent of the illegally obtained data.
An unauthorized party obtained a copy of a Western Digital database used for the company’s online store. The database contained personal data of online store customers, including names, billing and shipping addresses, email addresses, phone numbers, passwords, and partial credit card numbers. The dataset was obtained in encrypted format.
The company is aware that other Western Digital information has been made public and is investigating the validity of the released data. They will continue to report their findings as appropriate and communicate directly with affected customers.
