TechCrunch reports that one of the hackers has provided the outlet with a file that was “digitally signed with Western Digital’s code-signing certificate”. These were verified by two other security researchers, proving that the hackers can now impersonate the company with digital signage. The report notes that the hacker group, which does not go by any specific name, claims to have picked Western Digital as a target at random. They also claim to have done it solely for the money. But in their attempts to collect, they have called and sent emails to a number of the company’s executives, but have not gotten a response. According to their claims, once the payment is received the hackers will not only leave Western Digital alone, but also offer to let them know where the gaps in their network security are. Otherwise, the group claims that they will start publishing the stolen data on the website of Alphv, another hacker group notorious for ransomware. Despite this, the hackers claim to not be directly affiliated to said group. A Western Digital spokesperson has declined to comment on the hackers’ claims when requested by TechCrunch. Similarly, the hackers didn’t want to share the method used to not only break in, but also retain access to the network. For what it’s worth, the affected services that went down have been restored in the middle of the week, specifically on 12 April, according to the My Cloud Service Status page. (Source: TechCrunch)
