The ALPHV ransomware operation, also known as BlackCat, has shared screenshots of internal emails and video conferences seized from Western Digital, revealing that they likely continued to have access to the firm’s systems even while the company responded to the incident.
The release comes after the threat actor informed Western Digital on April 17th that if a ransom was not paid, they would harm them until they “could not stand anymore.”
Western Digital was the victim of a cyberattack on March 26th, in which threat actors infiltrated its internal network and stole company data. However, no ransomware was installed, and no files were encrypted.
In response, the company suspended its cloud services, including My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS 5, SanDisk ibi, and SanDisk Ixpand Wireless Charger, as well as related mobile, desktop, and online apps, for two weeks.
According to TechCrunch, an “unnamed” hacking group accessed Western Digital and claimed to have stolen ten terabytes of data. The threat actor allegedly shared examples of the stolen data with TechCrunch, including files signed with stolen Western Digital code-signing keys, unlisted corporate phone numbers, and images of other internal data.
In addition, the hackers claimed to have stolen data from the
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: