Western Digital is still dealing with the fallout of a breach of its network that happened in late March. On Thursday, a person who claims to have been a part of that cyberattack came forward, stating that the hackers took 10TB of data from Western Digital.
TechCrunch has communicated with this unnamed individual, who offered evidence that they were part of the attack:
The hacker shared a file that was digitally signed with Western Digital’s code-signing certificate, showing they could now digitally sign files to impersonate Western Digital. Two security researchers also looked at the file and agreed it is signed with the company’s certificate.
The hacker claims that they want to be paid a ransom with a "minimum 8 figures" amount from Western Digital, or they will release the data they collected publicly. The individual says some of the data comes from the company's customers, but there's no further information on what might be included.
A spokesperson for Western Digital would not give any comments about the hacker's claims when asked by TechCrunch. The company has so far been very vague about what exactly happened when its network was breached. Its My Cloud online storage service was down for about 10 days this month but it was fully restored earlier this week. Its web store, however, is still offline.