SanDisk maker announces ongoing cyberattack after data stolen by hackers

Data storage giant Western Digital said hackers have gained access to its systems and company data in an ongoing cyberattack that began last week.

In a statement released Monday morning, the company said its IT team initially discovered the network security incident on March 26. The hackers have been able to steal data, the statement said, but Western Digital is still determining how much was taken.

“In connection with the ongoing incident, an unauthorized third party gained access to a number of the Company’s systems,” the company said. Western Digital, which had 2022 revenues of about $19 billion, is best known for portable hard drives and removable memory cards, including the SanDisk brand.

“Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts,” the statement said. “This investigation is in its early stages and Western Digital is coordinating with law enforcement authorities.”

The company did not respond to requests for comment about whether it was dealing with a ransomware attack but said it is “taking systems and services offline” — an action taken by many organizations when dealing with ransomware.

Western Digital said it is trying to restore the affected network infrastructure but warned that the disruptions to business operations may continue for an undisclosed amount of time.

Since the attack began, users of the company’s My Cloud service have reported issues accessing their accounts. The product involves home storage hardware with internet features.

As of Sunday evening, the My Cloud webpage said it is “currently experiencing a service outage impacting the following products: My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, SanDisk Ixpand Wireless Charger.”