Hackers Attempt to Taunt and Embarrass with Leaked Emails and Videos

The cybercriminals known as ALPHV, or BlackCat, have released screenshots of internal emails and video conferences that they allegedly obtained from Western Digital, suggesting that they maintained access to the company’s systems even after the breach was detected. This leak followed a warning from ALPHV on April 17th that they would escalate their attacks on Western Digital unless a ransom was paid. On March 26th, Western Digital experienced a cyberattack that resulted in data theft, but no ransomware was deployed. In response, the company shut down its cloud services for two weeks. TechCrunch initially reported that an anonymous group breached Western Digital and stole ten terabytes of data, which included files signed with the company’s stolen code-signing keys and unlisted phone numbers. ALPHV later threatened to release the stolen data unless a ransom was paid. The group has now taunted and embarrassed Western Digital by releasing screenshots of internal emails and video conferences related to the company’s response to the attack. The leaked data includes a message from the hackers claiming to have customers’ personal information and a complete backup of Western Digital’s SAP Backofffice implementation. Although the data appears to be authentic, its source and whether it was stolen during the attack could not be independently verified by BleepingComputer. Western Digital has not yet negotiated a ransom, which has resulted in further threats from the hackers. The company has declined to comment on the leaked screenshots and the hackers’ claims.

Paul Bergman runs a business strategy and cybersecurity consulting company in San Diego. He writes on cybersecurity and board management for both corporate and nonprofit boards.

Paul Bergman
Follow me