Nothing is scarier than the idea of losing years’ worth of data in a blink of an eye, whether through the loss of physical storage or, in this case, the deletion of said data. Owners of Western Digital’s old My Book Live storage are unfortunately living that very nightmare as they suddenly discover their external drives wiped clean. It turns out they may have been the victims of a malicious hacker that simply deleted their data, no ransoms asked.
WD has made several popular My Book external storage solutions, but the My Book Live became popular for one unique feature. It connected directly to a router via an Ethernet cable, allowing owners to access data from the driver wirelessly, even remotely. Of course, that also comes with a higher risk of getting compromised by remote attackers, which may be what happened here.
WD My Book Live owners around the world are expressing panic and despair in finding their precious NAS devices empty of data they have accumulated over the years. Some reported it happening overnight while others were not at home when the wipe began. One user was able to find out that affected My Book Live devices most likely went through a factory reset that deleted all their data. The question is who initiated that process.
Unlike other NAS devices, the My Book Live can only be accessed remotely through Western Digital’s cloud servers. That led to suspicions that WD’s security was compromised, leading to this attack on users. The company is investigating the incident but reports that it has no evidence of a security breach on its part. Instead, it blames the incident on threat actors targeting random individual users.
All that WD can advise the remaining unaffected owners of the My Book Live is to unplug their devices from the Internet, effectively reducing them to local storage. The company has discontinued the drive in 2015 and hasn’t released any software updates since then, so it might not be in a rush to patch whatever vulnerability led to this incident. Unfortunately for those whose data has already been erased, there’s no turning back the clock if they didn’t have backups.