After an unexpected attack that occurred during this morning, more than a hundred users of the external hard drives My Book Live and My Book Live Duo have woken up to find that all your saved data had disappeared. Some incidents that have been multiplying in the last hours through the Western Digital support forum.
The limited amount of information available at this time makes it difficult to determine what is causing this massive destruction of data, although as we can see in the first information shared by Western Digital itself, everything indicates that it is an individual violation of the customer accounts, and not a massive attack, despite the scale of it.
While the My Book family primarily focuses on storage devices that generally connect via USB, the two affected models focus on a local network connectivity via an Ethernet cable, allowing users to remotely access their files. Unfortunately, as specified by the company, these are devices already discontinued, so received their latest firmware update in 2015, currently the main suspected reason for this vulnerability.
In fact, some users have been able to share scripts and activity logs that showed someone accessing and performing a factory reset on their devices without their knowledge.
«Western Digital has determined that some My Book Live and My Book Live Duo devices are being compromised by exploiting a remote command execution vulnerability. In some cases, this compromise has led to a factory reset that appears to erase all data on the device. We understand that our clients’ data is very important. We are actively investigating the problem and will provide an updated notice when we have more information, “the company shared in its official statement.
So from Western Digital have advised users to disconnect their devices from the network to prevent further attacks as the company investigates the mass removal. Unfortunately, at the moment there is no preview indicating whether this deleted data can be restored and recovered later.