Ransomware group BlackCat has launched a set of screenshots on its leak website that it claims are of the stolen knowledge from Western Digital. The pictures embody screenshots of video conferences and inside emails of the storage gadget producer, in keeping with a tweet by cybersecurity researcher, Dominic Alvieri.
The screenshots additionally included a picture of a current assembly held by Western Digital the place the corporate was discussing how to answer the cyberattack. The ransomware group together with the picture wrote, “with the best menace hunters Western Digital has to supply.” The pictures of the contributors had been blurred.
Western Digital suffered a community breach
Western Digital disclosed it had suffered a community breach on April 3. The incident was first recognized by the corporate on March 26 and the corporate revealed that an unauthorized third get together gained entry to a number of of the corporate’s techniques.
“Primarily based on the investigation thus far, the Firm believes the unauthorized get together obtained sure knowledge from its techniques and is working to grasp the character and scope of that knowledge,” Western Digital mentioned.
The corporate additionally mentioned that it was taking down sure techniques and providers offline as a proactive safety measure. Following the incident, a number of customers reported that they weren’t in a position to entry Western Digital’s network-attached storage service My Cloud.
“We’re at present experiencing a service interruption that’s stopping clients from accessing the My Cloud, My Cloud Residence, My Cloud Residence Duo, My Cloud OS 5, SanDisk ibi, SanDisk Ixpand Wi-fi Charger service,” the corporate mentioned on April 3. The providers had been restored on April 12, in keeping with the standing web page.
BlackCat threatens to launch extra knowledge
Together with the screenshots that BlackCat at present posted, the group additionally posted a be aware that states it will launch extra knowledge and finally put Western Digital’s mental property on sale.
“Starting subsequent week on an unspecified day, we are going to share leaks each week till we lose curiosity. As soon as that occurs, we are going to put their mental property up on the market, together with code signing certificates, firmware, personally identifiable info of consumers, and extra,” BlackCat mentioned, including that the group had obtained a full backup of Western Digital’s SAP Again Workplace, which dates again to the final week of March.
The group additionally claimed it was doing so as a result of Western Digital didn’t get involved with them. There was no additional replace on the difficulty from Western Digital nor affirmation of any ransom demanded.
BlackCat turns into extra lively
BlackCat, often known as ALPHV group, was the second most lively ransomware in 2022, in keeping with Malwarebytes. It was the primary ransomware to be coded within the Rust programing language. In February, the ransomware group listed over 6GB of knowledge allegedly stolen from the Munster Technological College in Eire on its web site.
The Lehigh Valley Well being Community disclosed on February 20 that it had been attacked by the BlackCat ransomware gang and said that it will not pay a ransom. Following this, the gang posted photos of nude most cancers sufferers on its website. The images had been scientific pictures used as a part of radiotherapy.
Copyright © 2023 IDG Communications, Inc.