Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Data Storage

WD My Book Users Wake Up To Find Their Data Deleted (arstechnica.com) 3

PuceBaboon writes: Ars Technica is reporting that some owners of Western Digital's My Book network-connected disk drives are experiencing data loss on their devices. The as yet unverified problem appears to be an externally initiated factory-reset, resulting in a loss of all existing data. At this early stage, Western Digital is warning users that they should disconnect their devices from the internet to protect their data. A thread on Western Digital's support forum alerted Ars Technica of the problem. Western Digital representatives write in an email: The incident is under active investigation from Western Digital. We do not have any indications of a breach or compromise of Western Digital cloud services or systems. We have determined that some My Book Live devices have been compromised by a threat actor. In some cases, this compromise has led to a factory reset that appears to erase all data on the device. The My Book Live device received its final firmware update in 2015. At this time, we are recommending that customers disconnect their My Book Live devices from the Internet to protect their data on the device. We have issued the following statement to our customers and will provide updates to this thread when they are available: https://community.wd.com/t/action-required-on-my-book-live-and-my-book-live-duo/268147
UPDATE (6/26): Western Digital wrote Friday that "Some customers have reported that data recovery tools may be able to recover data from affected devices, and we are currently investigating the effectiveness of these tools." After reviewing logs from their affected customers, the company now believes the affected devices were directly accessible from the Internet, allowing attackers to remotely install a malicious Trojan file.

"Our investigation of this incident has not uncovered any evidence that Western Digital cloud services, firmware update servers, or customer credentials were compromised. As the My Book Live devices can be directly exposed to the internet through port forwarding, the attackers may be able to discover vulnerable devices through port scanning."
This discussion has been archived. No new comments can be posted.

WD My Book Users Wake Up To Find Their Data Deleted

Comments Filter:
  • How the hell can something like this happen?
    I suppose there are two possibilities here,
    - people use these devices for backups, I would hope they still have the primary copies
    - people use them for a central repository, I would hope they take backups.
    A quick look at the net indicates that devices currently sold range from 3TB to 18TB, that exceeds quantities I'd be prepared to back up to a cloud by a large margin.
    According to https://www.theverge.com/2021/6/24/22549677/wd-my-book-live-data-deletion-unplug-lan [theverge.com]

    • Not a terrible FP, but I can't directly answer your question or any of the underlying questions. However the answers do tie to my jovial Subject--but I have to explain the twisty twist.

      I really think Western Digital is one of the "nice" ones. A company that really cares about satisfying customers. My proof is anecdotal, but I'll share.

      Many years ago, when I was just a brash young consultant, my primary client wanted to give his young son (now head of the company) a new hard disk for Christmas. As the local

    • How the hell can something like this happen?

      Probably something to do with the devices not having had firmware updates in 6 years. That and the devices being behind wide open networks.

      I don't know a good way around this but consumer grade networking equipment is seldom very well done, and the product launch cycle means that whatever you just bought has already been all but forgotten by the people who made it, since almost all their resources are focused on creating new stuff to stay ahead of the competition. Generally, when updates do become availab

"Look! There! Evil!.. pure and simple, total evil from the Eighth Dimension!" -- Buckaroo Banzai

Working...