Hackers who reportedly breached Western Digital have seized about 10 terabytes of data and are holding it hostage. The hackers seem to have gained control over the company’s code-signing certificate, private phone numbers of executives, stolen SAP Backoffice data, and also achieved administrator access to Western Digital’s Microsoft Azure instance. The company reported a “network security incident” earlier this month that gave an “unauthorized third party” access to data from its systems.

According to TechCrunch, the hackers are demanding a “minimum eight-figure” ransom to prevent the publication of the stolen data. Western Digital has declined to comment on the situation, but it is coordinating with law enforcement agencies and working with external security and forensic experts.

Although Western Digital admitted that hackers had “accessed some of the company’s systems,” it is not clear what customer data has been stolen. The lack of transparency from Western Digital regarding this breach does not inspire confidence in its customers. The company described the My Cloud issue as a “service interruption” or “outage” in support notes published on Twitter, but it is clear that the incident is more than a typical service outage.

This is not the first time that Western Digital has experienced security problems. In 2021, hackers wiped out a considerable amount of data on My Book Live cloud storage products due to a 0-day exploit. Western Digital was compelled to provide free data recovery services and a trade-in program for My Book Live owners, with petabytes of data presumed to have been affected.

The latest incident underscores the importance of businesses’ cybersecurity measures and the need for transparency in data breaches. Companies should be more proactive in safeguarding their data and informing their customers about security incidents. Additionally, businesses must prepare for the worst-case scenario by implementing robust incident response plans and regular security audits to prevent future security breaches.