Western Digital Asks 'My Book Live' Device Owners to Unplug After Reports of Remotely Wiped Drives

by

Western Digital is advising owners of its My Book Live storage drives to disconnect them from the internet until further notice, following reports from around the world that some devices have been compromised and wiped clean by malicious software.

western digital my book live
The WD My Book Live is the company's network-attached storage device with the book-style design that can stand upright on a desk. The drive is typically connected to computers via USB and connects to a local network via ethernet. Meanwhile, the WD My Book Live app lets users access their stored files remotely through Western Digital's cloud servers.

As reported by BleepingComputer, My Book Live and Live Duo device owners on Thursday began flooding Western Digital's support forums with reports that all of their files had been mysteriously deleted and that they could no longer access the device via the offical app or a browser.

"I have a WD My Book live connected to my home LAN that's worked fine for years," wrote the first poster in a now-long thread. "I have just found that somehow all the data on it is gone today, while the directories seems there but empty. Previously the 2T volume was almost full but now it shows full capacity."

When they attempted to log in using the drive's web dashboard, the drive told them they had an invalid password. Many other owners have also confirmed that their device has been hit with the same issue. "All my data is gone too," another user said. "I am totally screwed without that data... years of it."

Following further reports, a pattern has gradually emerged in shared device logs that points to a remote command initiating a factory reset on affected devices beginning at around 3:00 p.m. on Thursday and continuing throughout the night.

Western Digital has advised customers in a new support notice to disconnect their My Book Live devices while the company investigates the destructive attacks. The company has since told BleepingComputer they are actively investigating the attacks but do not believe it was a compromise of their servers.

"Western Digital has determined that some My Book Live devices are being compromised by malicious software. In some cases, this compromise has led to a factory reset that appears to erase all data on the device. The My Book Live device received its final firmware update in 2015. We understand that our customers' data is very important. At this time, we recommend you disconnect your My Book Live from the Internet to protect your data on the device. We are actively investigating and we will provide updates to this thread when they are available."

If the company is correct in saying its servers haven't been hacked, it's unclear how so many My Book Live accounts could be compromised at or around the same time. We've asked for more information from Western Digital regarding the matter and will post an update to this story if we hear anything back, but the advice for device owners for now is clear: Disconnect your My Book Live.

Tag: Western Digital

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Rumored to Use Same Rear Chassis as iPhone 16

Friday July 19, 2024 7:16 am PDT by
Apple will adopt the same rear chassis manufacturing process for the iPhone SE 4 that it is using for the upcoming standard iPhone 16, claims a new rumor coming out of China. According to the Weibo-based leaker "Fixed Focus Digital," the backplate manufacturing process for the iPhone SE 4 is "exactly the same" as the standard model in Apple's upcoming iPhone 16 lineup, which is expected to...
Read Full Article132 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Just Two Months Away: Everything We Know

Monday July 15, 2024 4:44 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article129 comments
iphone 14 lineup

Cellebrite Unable to Unlock iPhones on iOS 17.4 or Later, Leak Reveals

Thursday July 18, 2024 4:18 am PDT by
Israel-based mobile forensics company Cellebrite is unable to unlock iPhones running iOS 17.4 or later, according to leaked documents verified by 404 Media. The documents provide a rare glimpse into the capabilities of the company's mobile forensics tools and highlight the ongoing security improvements in Apple's latest devices. The leaked "Cellebrite iOS Support Matrix" obtained by 404 Media...
Read Full Article66 comments
tinypod apple watch

TinyPod Turns Your Apple Watch Into an iPod

Wednesday July 17, 2024 3:18 pm PDT by
If you have an old Apple Watch and you're not sure what to do with it, a new product called TinyPod might be the answer. Priced at $79, the TinyPod is a silicone case with a built-in scroll wheel that houses the Apple Watch chassis. When an Apple Watch is placed inside the TinyPod, the click wheel on the case is able to be used to scroll through the Apple Watch interface. The feature works...
Read Full Article133 comments
bsod

Crowdstrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected

Friday July 19, 2024 3:12 am PDT by
A widespread system failure is currently affecting numerous Windows devices globally, causing critical boot failures across various industries, including banks, rail networks, airlines, retailers, broadcasters, healthcare, and many more sectors. The issue, manifesting as a Blue Screen of Death (BSOD), is preventing computers from starting up properly and forcing them into continuous recovery...
Read Full Article476 comments
New MacBook Pros Launching Tomorrow With These 4 New Features 2

M5 MacBook Models to Use New Compact Camera Module in 2025

Wednesday July 17, 2024 2:58 am PDT by
Apple in 2025 will take on a new compact camera module (CCM) supplier for future MacBook models powered by its next-generation M5 chip, according to Apple analyst Ming-Chi Kuo. Writing in his latest investor note on unny-opticals-2025-business-momentum-to-benefit-509819818c2a">Medium, Kuo said Apple will turn to Sunny Optical for the CCM in its M5 MacBooks. The Chinese optical lens company...
Read Full Article112 comments

Top Rated Comments

haruhiko Avatar
haruhiko
40 months ago
One should either: 1) put your files locally and keep the drive offline or 2) put them in a trustworthy cloud based storage system (iCloud Drive, Google Drive etc.)

The victims unfortunately chose the worst of both worlds: a single local copy with access to internet which supports remote deletion of all files.

The fact that WD gave up their old products and hasn’t issued any security updates since 2015 while retaining the remote wipe function is beyond irresponsible.
Score: 24 Votes (Like | Disagree)
deckard666 Avatar
deckard666
40 months ago
Remote and local folks.....always
Score: 21 Votes (Like | Disagree)
JSL1 Avatar
JSL1
40 months ago
Poor security by WD to allow this to happen and to allow remote wipes.
Score: 12 Votes (Like | Disagree)
elvisimprsntr Avatar
elvisimprsntr
40 months ago
Hard lessons learned:
1. Never expose NAS to WAN or any remote access cloud service.
2. Need 3-2-1 backup strategy.
3. Replace EOL devices/software.

Even though I did not fall victim to recent QNAP QTS Qlocker ransomware since I don't expose my NAS devices to a WAN, I got fed up with constant QTS security patches for hardcoded credentials and vulnerabilities, and installed TrueNAS CORE ('https://www.truenas.com/truenas-core/') on my QNAP TS-453A and TS-253A. Works better and faster than QTS!



Attachment Image
Score: 9 Votes (Like | Disagree)
W2u7Yw4HaD Avatar
W2u7Yw4HaD
40 months ago
Unless their data is wholly in the cloud also and can be undeleted, this isn't a wise thing to connect to the cloud as your only offline backup source..
Score: 8 Votes (Like | Disagree)
CoastalMaineBird Avatar
CoastalMaineBird
40 months ago
all the data on it is gone today, while the directories seems there but empty.
...
this compromise has led to a factory reset that appears to erase all data on the device.

I don't think the "factory reset" would leave all the directories there.
Score: 6 Votes (Like | Disagree)
Read All Comments