Western Digital is still dealing with the fallout from its network breach that occurred in late March. On Thursday, a man who claims he was part of the cyberattack came forward, revealing that the hackers took 10TB of data from Western Digital.
Tech Crunch has spoken with this unidentified individual, who provided evidence that he was part of the attack:
The hacker shared a file that was digitally signed with Western Digital’s code signing certificate, indicating that they could now digitally sign files to impersonate Western Digital. Two security researchers also looked at the file and agreed that it was signed with the company’s certificate.
The hacker claims they have to pay a ransom of “at least 8 figures” from Western Digital, or they will publicly release the collected data. Some of the data comes from the company’s customers, the person said, but there was no further information on what might be included.
A spokesperson for Western Digital would not comment on the hacker’s claims when asked by TechCrunch. The company has so far been very vague about what happened when its network was breached. Its MyCloud online storage service was down for about 10 days this month but was fully restored earlier this week. However, its web store is still offline.