Many users have attempted to recover the data using third-party software, but only a few seem to have had success with it. Users who inspected the log found that their devices were factory reset remotely. What's weird is that the users were unable to login to the drive using the web based dashboard, and that their password was invalid. The incident, first spotted by Bleeping Computer, seems to have occurred on June 23rd. The company is also offering My Boo Live users a trade-in program, to upgrade to a My Cloud device. Western Digital has also announced that it will start providing data recovery services to affected customers, beginning in July. The issue has been referenced as CVE-2021-35941, and allowed the attacker to factory reset the drive without authentication. So it wasn't the flaw from 2019 that was targeted. The security flaw in the My Book Live existed from 2011. Update: In a new statement published on its support portal, Western Digital clarifies that hackers exploited multiple security vulnerabilities to attack the cloud-based drives.
0 Comments
Leave a Reply. |