‘I’m totally screwed’ – people’s hard drives are being remotely erased by hackers
A company that makes external hard drives has recommended that customers disconnect one of their products from the internet until further notice.
Western Digital’s popular My Book Live storage devices allow people to store terabytes of data – photos, videos and documents – and access them both on a home network and across the web.
However, a critical bug has left the devices vulnerable to hackers.
As a result, thousands of users around the world are reporting their devices, and all the precious information they hold, are being wiped remotely.
The victims flagged the issue on a thread on Western Digital’s support forum.
‘I have a WD mybook live connected to my home LAN and worked fine for years,’ wrote the original poster on the thread.
‘I have just found that somehow all the data on it is gone today, while the directories seem there but empty. Previously the 2T volume was almost full but now it shows full capacity.’
Others joined the conversation and reported their own issues.
‘All my data is gone too. Message in GUI says it was “Factory reset” today! 06/23,’ another victim wrote.
‘I am totally screwed without that data… years of it.’
Western Digital posted a message on its website advising users to take their devices offline.
The company followed up with an email to customers.
‘The incident is under active investigation from Western Digital. We do not have any indications of a breach or compromise of Western Digital cloud services or systems,’ it wrote.
‘We have determined that some My Book Live devices have been compromised by a threat actor. In some cases, this compromise has led to a factory reset that appears to erase all data on the device. The My Book Live device received its final firmware update in 2015.
‘At this time, we are recommending that customers disconnect their My Book Live devices from the Internet to protect their data on the device.
‘We have issued the following statement to our customers and will provide updates to this thread when they are available: https://community.wd.com/t/action-required-on-my-book-live-and-my-book-live-duo/268147.’
The issue was picked up by the popular security blog Krebs on Security, who pointed out the vulnerability was reported to Western Digital in 2018.
At the time, the company responded with the same line – that users should avoid connecting to the internet – because the product was an older one that was no longer supported.
‘In some ways, it’s remarkable that it took this long for vulnerable MyBook devices to be attacked,’ Krebs wrote.
If you own a Western Digital My Book Live NAS, then you should make sure that remote access is not enabled. You can do this in the device settings menu.