User Tag List
Results 1 to 14 of 14
Thread: Lost 2 terabytes of data - POOF!
-
06-24-2021, 08:52 PM #1
Lost 2 terabytes of data - POOF!
In my entire nerd life I never had any computer or device compromised in any way, and I am always extremely strict about keeping my home network secure since I rely on it every day. Well, well, well, that wasn't enough this time. I woke up to find out that my network attached storage drives were all wiped out completely. I just sat at the desk looking at my computer screen for 10 minutes in total shock. And I am evidently joined by potentially millions of other users that use a specific NAS by Western Digital, as this attack struck all of those drives in a single day, wiping all of them of all data. In my case, that was over 2 terabytes of photos dating back 15 years.
Fortunately, I am also strict about keeping backups, so I have the data safe, but this network drive is mirrored, which provides redundancy in case there is a failure. I have this drive disconnected from the internet, and it's behind a firewall, and yet this worldwide attack found a way to remotely send an SSH script through to execute a factory restore on the device. None of my computers on the network was compromised, and Western Digital does not know yet how this happened.
So, if anybody here is using a Western Digital Network Attached Storage device, disconnect it immediately. This attack occurred yesterday worldwide between 3:00PM ET and 4:00PM ET.
It's going to be a long night
-
David - WI thanked for this postDave Strong liked this post
-
06-25-2021, 02:31 AM #2
Holy cow!!! I do use external WD drives... But I cut off my router when I am not on.
That is nuts, WTF? Hope you have a back up!
-
06-25-2021, 08:38 AM #3
I have a MyBookLive online at the shop... went to work last night after I read this and unplugged the LAN cable... the computer was off but the LAN light was flashing (and nobody but me has access to it) so I figured the worst but this morning everything is still there. I shut down the drive.
Thanks for the warning!
-
06-25-2021, 08:44 AM #4Screaming And Flying!
- Join Date
- Jun 2007
- Location
- Singapore/Melbourne/Italy
- Posts
- 9,097
- Thanks (Given)
- 1008
- Thanks (Received)
- 354
- Likes (Given)
- 4297
- Likes (Received)
- 1953
- Mentioned
- 7 Post(s)
- Tagged
- 0 Thread(s)
-
06-25-2021, 08:59 AM #5
-
06-25-2021, 09:07 PM #6
I assume this only affects the NAS devices and not the hard drives in a PC or external hard drives hooked up through the USB port, otherwise they would mention it.
"One of the penalties for refusing to participate in politics is that you end up being governed by your inferiors". Plato .
-
06-25-2021, 09:11 PM #7"One of the penalties for refusing to participate in politics is that you end up being governed by your inferiors". Plato .
-
06-25-2021, 09:12 PM #8
-
powerabout liked this post
-
06-25-2021, 09:15 PM #9Screaming And Flying!
- Join Date
- Jun 2007
- Location
- Singapore/Melbourne/Italy
- Posts
- 9,097
- Thanks (Given)
- 1008
- Thanks (Received)
- 354
- Likes (Given)
- 4297
- Likes (Received)
- 1953
- Mentioned
- 7 Post(s)
- Tagged
- 0 Thread(s)
-
06-25-2021, 09:50 PM #10
-
powerabout thanked for this post
-
06-27-2021, 10:32 AM #11
Western Digital
Our records indicate that you registered a My Book Live or My Book Live Duo device. To protect your data on the device from ongoing attacks, we recommend you disconnect your My Book Live and My Book Live Duo from the Internet and access your data locally by following these instructions on our Knowledge Base.
Western Digital has determined that some My Book Live and My Book Live Duo devices are being compromised through exploitation of a remote command execution vulnerability. In some cases, the attackers have triggered a factory reset that appears to erase all data on the device.
Our investigation of this incident has not uncovered any evidence that Western Digital cloud services, firmware update servers, or customer credentials were compromised. As the My Book Live devices can be directly exposed to the internet through port forwarding, the attackers may be able to discover vulnerable devices through port scanning.
We understand your data is very important. Some customers have reported that data recovery tools may be able to recover data from affected devices, and we are currently investigating the effectiveness of these tools.
We are continuing our investigation and will post the latest information about this incident on our Product Security Portal. For further assistance, you can contact our Customer Support team.
-
06-30-2021, 08:39 AM #12
Data recovery services
Western Digital has an important announcement for registered My Book Live or My Book Live Duo customers.
Immediately disconnect your My Book Live device from the Internet to protect your data from ongoing attacks. You can disconnect the device and continue to access your data locally by following these instructions on our Knowledge Base.
Some My Book Live devices connected to the Internet are being compromised by attackers and in some cases, the attackers have triggered a factory reset that appears to erase all data on the device.
We are here to help. Although this product family is no longer sold or supported by Western Digital, we know some of our customers have been impacted and we want to help. If you have lost your data as a result of these attacks, we will provide data recovery services which will be available beginning in July.
We know how important your data is to you and are committed to helping you protect it. We are launching a trade-in program that will allow you to upgrade from your My Book Live to one of our supported My Cloud devices.
We will provide details about how to take advantage of these programs in a separate email.
In case you are concerned about other products and services from Western Digital, our investigation of this incident has not found any evidence that our cloud services, firmware update servers, or customer credentials were compromised. The vulnerabilities being exploited are limited to the My Book Live devices, which were introduced to the market in 2010 and received a final firmware update in 2015. These vulnerabilities do not affect our current My Cloud product family.
The latest information about this incident will be available on our Product Security Portal. If you need any additional help, please contact our Customer Support team.
-
07-01-2021, 12:54 AM #13Screaming And Flying!
- Join Date
- Jun 2007
- Location
- Singapore/Melbourne/Italy
- Posts
- 9,097
- Thanks (Given)
- 1008
- Thanks (Received)
- 354
- Likes (Given)
- 4297
- Likes (Received)
- 1953
- Mentioned
- 7 Post(s)
- Tagged
- 0 Thread(s)
I have one too, never registered it and dont have a port to allow internet access.
Makes me think with the current trend that everything you have has to get registered online is just a gift to hackers.
-
07-07-2021, 10:41 AM #14
Hello My Book™ Live/My Book Live Duo Customer,
If you are a My Book Live or My Book Live Duo customer, we are offering the following limited time offer:
Trade-In Offer:
Western Digital is offering current registered My Book Live or My Book Live Duo customers a trade-in discount of 40% off a select new My Cloud™ Home personal cloud storage or My Cloud EX2 Ultra 2-bay network attached storage device. For more information regarding the trade-in offer for eligible devices, please visit My Book Live and My Book Live Duo: Trade-In Offer.
Additionally, if you are a My Book Live or My Book Live Duo customer that has lost data as result of the recent security incident, we are here to help you by offering the following service.
Data Recovery Service (“DRS”) Offer:
Western Digital will help to recover your data using the data recovery services provided by a Western Digital-selected vendor. Western Digital will cover all the costs of shipment of the qualifying product to the DRS vendor and for the DRS. Recovered data, if any, will then be sent to you on one or more My Passport™ portable hard drives. For a list of qualifying products and eligibility requirements, please visit My Book Live and My Book Live Duo: Data Recovery Offer.
At Western Digital, we strive to continually improve our products and customer experiences. To take advantage of either of these services, or if you have any questions, please contact our Western Digital Support Team.
Sincerely,
Western Digital
-
Forkin' Crazy liked this post
Similar Threads
-
Poof ....
By Chaz in forum Computer and Forum SupportReplies: 3Last Post: 09-07-2016, 08:52 PM -
Article: Livorsi's New Data Gateway Delivers CAN Bus Engine Data To Your NMEA2000 Navigation Device
By Scream And Fly in forum vBCms CommentsReplies: 0Last Post: 04-07-2011, 07:15 AM