Western Digital is advising owners of its My Book Live storage drives to disconnect them from the internet until further notice, following reports from around the world that some devices have been compromised and wiped clean by malicious software.
The WD My Book Live is the company's network-attached storage device with the book-style design that can stand upright on a desk. The drive is typically connected to computers via USB and connects to a local network via ethernet. Meanwhile, the WD My Book Live app lets users access their stored files remotely through Western Digital's cloud servers.
As reported by
BleepingComputer, My Book Live and Live Duo device owners on Thursday began flooding Western Digital's support forums with reports that all of their files had been mysteriously deleted and that they could no longer access the device via the offical app or a browser.
When they attempted to log in using the drive's web dashboard, the drive told them they had an invalid password. Many other owners have also confirmed that their device has been hit with the same issue. "All my data is gone too," another user said. "I am totally screwed without that data... years of it."
Following further reports, a pattern has gradually emerged in shared
device logs that points to a remote command initiating a factory reset on affected devices beginning at around 3:00 p.m. on Thursday and continuing throughout the night.
Western Digital has advised customers in a
new support notice to disconnect their My Book Live devices while the company investigates the destructive attacks. The company has since told
BleepingComputer they are actively investigating the attacks but do not believe it was a compromise of their servers.
If the company is correct in saying its servers haven't been hacked, it's unclear how so many My Book Live accounts could be compromised at or around the same time. We've asked for more information from Western Digital regarding the matter and will post an update to this story if we hear anything back, but the advice for device owners for now is clear: Disconnect your My Book Live.
Article Link:
Western Digital Asks 'My Book Live' Device Owners to Unplug After Reports of Remotely Wiped Drives