On 24 June 2021 storage company Western Digital (WD) issued a security notice regarding My Book Live and My Book Live Duo storage devices, noting that some have been compromised through exploitation of a vulnerability.
In some cases, attackers have been able to perform a factory reset on the devices, erasing all data.
On the Western Digital forum numerous users have commented on the issues they have. One said “All my data is gone. Message in GUI says it was “Factory reset” today! 06/23. I am totally screwed without that data…years of it.” Another, based in the UK, said “Hi another victim here, also in the UK. Got a decade of life’s work and photos at stake so willing to do whatever it takes to recover.”
Western Digital have been reviewing log files from cases, and have determined that attackers were able to directly connect to the devices over an internet connection.
They advise all users of My Book Live and My Book Live Duo devices to disconnect them from the internet. Instructions are available from Western Digital.
We also advise any users with network-connected NAS drives, from Western Digital or from any other manufacturer (e.g. Seagate, Toshiba etc.) to check with the vendor for any updates to software or firmware without delay. It is possible that there could be similar vulnerabilities with other devices.
I’m not sure if I use a network-connected NAS drive, what do I do?
Contact your IT support to check. Explain that you’re concerned about vulnerabilities with storage devices and ask for immediate assistance. If you use Think IT, or if you don’t have any IT support, contact us by phone (01392 435803), email (firstname.lastname@example.org) or both.
If you need help with anything else, head to the Contact Us page of the website and get in touch with us.