Message-ID:

I surely do hope that's a syntax error. -- Larry Wall in <199710011752.KAA21624@wall.org>

computers / alt.comp.os.windows-10 / Re: [Data Breach] Western Digital

Re: [Data Breach] Western Digital

<J4z5M.2944857$vBI8.647190@fx15.iad>

https://news.novabbs.org/computers/article-flat.php?id=76847&group=alt.comp.os.windows-10#76847

copy link Newsgroups: alt.comp.os.windows-10 alt.comp.os.windows-11 alt.comp.software.thunderbird alt.comp.software.firefox

Path: i2pn2.org!i2pn.org!news.1d4.us!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx15.iad.POSTED!not-for-mail
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.10.0
Reply-To: Nic@none.net
Subject: Re: [Data Breach] Western Digital
Content-Language: en-US
Newsgroups: alt.comp.os.windows-10,alt.comp.os.windows-11,alt.comp.software.thunderbird,alt.comp.software.firefox
References: <yYy5M.1715318$MVg8.161366@fx12.iad>
From: Nic@none.net (Nic)
Organization: Arm Chair Observer
In-Reply-To: <yYy5M.1715318$MVg8.161366@fx12.iad>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Lines: 15
Message-ID: <J4z5M.2944857$vBI8.647190@fx15.iad>
X-Complaints-To: abuse(at)newshosting.com
NNTP-Posting-Date: Sat, 06 May 2023 20:50:49 UTC
Date: Sat, 6 May 2023 16:50:49 -0400
X-Received-Bytes: 1415

by: Nic - Sat, 6 May 2023 20:50 UTC

On 5/6/23 17:00, 😉 Good Guy 😉 wrote:
> Some of you might have received an email from Western Digital about
> Data Breach where the hacker managed to download the entire database
> from their Linux Server(s) and it took them weeks to notice it!
>
> A partial screenshot of the email is attached as a link here but there
> are stories all over the internet. You have to search for these
> stories using Bing (AI powered) or Google.
>
> [img] <https://i.imgur.com/W1eaU3g.png>
>
>
You are full of shit and misinformation. From what I discern you are
unsolicited information.

Re: [Data Breach] Western Digital

<u36iml$315rb$1@dont-email.me>

copy mid

https://news.novabbs.org/computers/article-flat.php?id=76848&group=alt.comp.os.windows-10#76848

copy link Newsgroups: alt.comp.os.windows-10 alt.comp.os.windows-11 alt.comp.software.thunderbird alt.comp.software.firefox

Path: i2pn2.org!i2pn.org!eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: nospam@needed.invalid (Paul)
Newsgroups: alt.comp.os.windows-10,alt.comp.os.windows-11,alt.comp.software.thunderbird,alt.comp.software.firefox
Subject: Re: [Data Breach] Western Digital
Date: Sat, 6 May 2023 18:00:52 -0400
Organization: A noiseless patient Spider
Lines: 53
Message-ID: <u36iml$315rb$1@dont-email.me>
References: <yYy5M.1715318$MVg8.161366@fx12.iad>
<J4z5M.2944857$vBI8.647190@fx15.iad>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sat, 6 May 2023 22:00:53 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="0700e7dbc3edcc08927a29e466c748f8";
logging-data="3184491"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/fTLiSndIqEW+HMqpnnOXowazFVV3msdo="
User-Agent: Ratcatcher/2.0.0.25 (Windows/20130802)
Cancel-Lock: sha1:fQMEBfDks6SsqCvWYLTuMlRfya0=
In-Reply-To: <J4z5M.2944857$vBI8.647190@fx15.iad>
Content-Language: en-US

by: Paul - Sat, 6 May 2023 22:00 UTC

On 5/6/2023 4:50 PM, Nic wrote:
> On 5/6/23 17:00, 😉 Good Guy 😉 wrote:
>> Some of you might have received an email from Western Digital
>>
> You are full of shit and misinformation. From what I discern you are unsolicited information.
>

It's just lookup for My Cloud service (finding your home NAS public IP while sitting at Starbucks).

https://www.bleepingcomputer.com/news/security/western-digital-discloses-network-breach-my-cloud-service-down/

"Since Sunday, multiple users of Western Digital network-attached storage (NAS) service My Cloud
have been reporting they couldn't access their cloud-hosted media repositories."

Not all of these, may be Cloud based data storage. Some of these
setups, are for using your home NAS while sitting at Starbucks.
And to do that, you need an IP address.

Your data does not go through the WD server. This is the
equivalent of a DynDNS service.

On at least some broadband services, as soon as you reboot your
router, your public IP changes.

*******

The main danger from this incident, is GG mentioning that customers
using the service are receiving an email.

The implication is, if the hacker has the email address, he can craft
phishing emails that look like they are from WD, when they are not from WD.

Be especially wary of any attachments, or any bogus attempts
to extract additional information from you (like, a password,
if a password was used for some bizarre reason).

A Cloud DNS Lookup does not particularly need a lot of info to work,
and a reasonable design, would be to not collect too much information
that could be used for phishing, in the event of a breach.

My buddy in the other group, the one who had his computer room completely
wiped by ransomware, it was because he double-clicked an attachment on
a phishing email from GoDaddy. It's because the GoDaddy info was "public knowledge",
his email being on a domain registration entry, that the ransomware people
could craft a realistic looking email (knew that he did business with GoDaddy),
and fool him into "trusting" the attachment as being a legit business transaction.

If you do receive an email from WD, it might not actually be from WD.
Use Safe Hex handling procedures, rubber boots and rubber gloves.
DONT double click an attachment, or start giving away passwords
via some fake web page the hacker runs.

Paul

Subject	Author
[Data Breach] Western Digital	Nic
[Data Breach] Western Digital	Paul