If you haven’t heard, Western Digital had a fairly severe safety breach in March of this yr. How severe? Serious sufficient that the corporate manually suspended its My Cloud service for over a week, throughout which clients misplaced all entry to their distant recordsdata. Six weeks later, the corporate has printed the outcomes of its inside investigation, and it isn’t fairly.

According to emails despatched to Western Digital clients (by way of Bleeping Computer), the corporate says that hackers have been in a position to get hold of a database of consumers containing names, cellphone numbers, delivery addresses and billing addresses, e-mail addresses, and partial bank card numbers. Password knowledge was additionally stolen, although these recordsdata have been encrypted, hashed, and “salted,” which means that the hazard for these specific recordsdata is especially low.

The knowledge seems to be principally linked to Western Digital’s on-line retailer, not the My Cloud service…although there’s most likely a superb little bit of overlap in these two teams. Western Digital is closing its on-line retailer in the intervening time, with entry anticipated to return subsequent week.

According to Bleeping Computer, the hackers confirmed proof of at the very least some degree of entry to Western Digital’s community as just lately as April twenty eighth, presumably in an try and extort ransom cash. Anyone with a Western Digital retailer account or My Drive account is inspired to vary their password (and might want to look into a password manager, too).