Customers who were affected by the My Book Live device attack will be eligible for data recovery services provided by Western Digital and a trade-in program that will allow them to upgrade to a supported My Cloud device.
Western Digital has come forward and proposed a plan of action to help those who lost data in the June 23 attack. Customers affected were using legacy devices in the My Book Liveand My Book Live Duo line. The devices were remotely wiped by a still-unidentified group -- or groups -- of bad actors. The devices were introduced to the market in 2010 and received a final firmware update in 2015.
The company lists affected devices as follows:
- My Book Live, SKU WDBACG0030HCH
- My Book Live, SKU WDBACG0020HCH
- My Book Live, SKU WDBACG0010HCH
- My Book Live Duo, SKU WDBVHT0080JCH
- My Book Live Duo, SKU WDBVHT0060JCH
- My Book Live Duo, SKU WDBVHT0040JCH
No other devices are believed to be affected by this particular set of vulnerabilities.
Customers who lost data will be eligible for a data recovery service from Western Digital. In addition, customers will also be offered a trade-in program that will allow them to trade up to a currently supported My Cloud Device. Western Digital states that both programs will be available at some point in July, with details being announced in the near future.
A support post that went live on June 30 details what the company has uncovered so far.
Western Digital acknowledges that the My Book Live firmware is vulnerable to a remotely exploitable command when the device has remote access enabled. The company has determined that the vulnerability was introduced to My Book Live in April of 2011 as part of routine maintenance. The problem occurred when the vulnerability failed to be appropriately deactivated.
It is currently believed that attackers directly connected to affected My Book Live devices from various IP addresses across the world. Additionally, attackers could exploit vulnerabilities that allowed them to install malicious binary on the device and then use a second vulnerability to reset it.
Western Digital claims that it has not uncovered any evidence that its cloud services, firmware, or customer credentials were compromised. However, it could be possible that those affected in the attack could have vulnerable devices discovered through port scanning.
Keep up with everything Apple in the weekly AppleInsider Podcast -- and get a fast news update from AppleInsider Daily. Just say, "Hey, Siri," to your HomePod mini and ask for these podcasts, and our latest HomeKit Insider episode too. If you want an ad-free main AppleInsider Podcast experience, you can support the AppleInsider podcast by subscribing for $5 per month through Apple's Podcasts app, or via Patreon if you prefer any other podcast player.