The listings featured on this site are from companies from which this site receives compensation and some are co-owned by our parent company. This influence: Rank and manner in which listings are presented.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Hackers Taunt Western Digital by Leaking Internal Documents

Hackers Taunt Western Digital by Leaking Internal Documents
Author Image Zane Kennedy
Zane Kennedy Published on 5th May 2023 Former Cybersecurity Researcher

Following the data breach at Western Digital, the ransomware group ALPHV, aka BlackCat, have leaked screenshots of recent internal emails, documents, and video conferences from the company. This indicates that the group may still have access to the company's systems even after Western Digital's response to the cyberattack. ALPHV’s goal seems to be to taunt and humiliate the company in an effort to press them to pay their ransom.

As previously reported, the initial data breach occurred on March 26, with the hackers stealing 10 TB of data from Western Digital's internal network. They have threatened to publish this data on their leak site if a ransom isn’t paid, which allegedly reaches a minimum of eight figures.

It appears that Western Digital has refused to pay thus far. In response, Western Digital was further warned on the hacker’s data leak site on April 18th that if a ransom were not paid, they would continue to hurt the company until it "cannot stand any more".

The ransomware gang's attempts to taunt and intimidate the company have since escalated even further. Security researcher Dominic Alvieri told BleepingComputer that the hackers released twenty-nine screenshots of internal emails, documents, and video conferences related to the company's response to the initial data breach. These images indicate that the group had continued access to some of Western Digital's systems, as they show video conferences and emails discussing the initial attack.

One of the leaked screenshots shows a "media holding statement," and another one regards employees leaking information about the data breach to the press. It's possible that these images were grabbed during the window between the initial detection of the breach and Western Digital’s response, so it is unclear whether the gang still retains access to the company’s systems.

The leaked images also include a message from the hackers claiming to have customers' personal information and a complete backup of Western Digital's SAP Backoffice implementation. However, the source of the data and whether it was stolen during the attack could not be independently verified.

ALPHV’s latest warning to Western Digital reads "we know you have the link to our onion site. Approach with payment prepared, or [redacted] off. Brace yourselves for the gradual fallout".

Western Digital has declined to comment to media outlets regarding the leaked screenshots and the claims by the threat actors.

About the Author

  • Author Image Zane Kennedy
  • Zane Kennedy Former Cybersecurity Researcher

Zane was a Cybersecurity Researcher and Writer at vpnMentor. His extensive experience in the tech and cybersecurity industries provided readers with accurate and trustworthy news stories and articles. He aimed to help individuals protect themselves through informative content and awareness of cybersecurity's crucial role in today's digital landscape.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address