Western Digital took its store offline and sent customers data breach notifications after confirming hackers stole sensitive personal information in a cyberattack in March.

The company emailed the data breach notifications Friday afternoon, warning that customer data was stored in a Western Digital database stolen in the attack.

“Based on investigation, we recently learned that on or about March 26, 2023, an unauthorized party obtained a copy of a Western Digital database containing limited personal information about our store’s customers. on line”,

“The information included customer names, billing and shipping addresses, e-mail addresses and telephone numbers. As a security measure, the relevant database stored, in an encrypted format, passwords chopped (which were salty) and partial credit card numbers.”

Western Digital has taken its store offline while they continue to investigate the incident, with the store now displaying a message that reads: “We’ll be back soon: We are unable to process orders at this time” .

The company plans to restore access to the store on May 15, 2023.

Western Digital is also warning affected customers to be vigilant against spear phishing attacks, where threat actors impersonate the company and use stolen data to gather other personal information from customers.

The Western Digital cyberattack

Data breach notification comes next Western Digital suffered a cyberattack on March 26, when the company discovered that its network had been hacked and company data had been stolen.

In response to the attack, the company shut down its cloud services for two weeksas well as mobile, desktop and web apps.

Tech Crunch reported that an “unnamed” hacking group hacked into Western Digital, claiming to have stolen ten terabytes of data.

While threat actors pretend not to be part of the ALPHV ransomware operationthey used their data leak site to extort Western Digital, somehow linking them to the extortion gang.

In a memo published on April 28, threat actors mocked Western Digital by posting screenshots stolen emails, documents, and apps that showed they still had access to the corporate network even after being detected.

The hackers also claimed to have stolen an SAP Backoffice database containing customer information and shared a screenshot of what appear to be customer invoices.

Since then, no further data has been released by the threat actors, which likely indicates that they are still extorting Western Digital in hopes of receiving a ransom demand.