On Friday, five days after the start of a massive outage affecting its cloud services, Western Digital finally provided customers with a workaround to access their files.
Since April 2, the outage has prevented users from accessing files stored on their WD NAS devices, as it required access to the company’s cloud services.
The full list of downed services throughout this week includes My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS 5, SanDisk ibi and SanDisk Ixpand Wireless Charger, plus related mobile, desktop and web apps .
While the company said on Sunday, April 2, that it was working to restore connectivity and promised to provide updates the following day, a Monday statement thanked customers for their patience but did not add any details.
Four days later, Western Digital finally shared an interim solution that helps My Cloud Home, My Cloud Home Duo, and SanDisk ibi users access their files locally.
“The Local Access feature allows you to directly access your personal files from a Windows or macOS computer connected to the same network as your device”, Western Digital said.
“To enable local access, use your favorite browser and log into your device’s dashboard. Then enable the local access feature and create a new local access account.”
This knowledge base article provides detailed information on how to enable local access. Local access is already enabled for My Cloud OS5 products (My Cloud PR and EX series).
My Cloud outage follows recent security breach
This massive and ongoing My Cloud outage follows the disclosure of a network breach on Monday, April 3, discovered by Western Digital more than a week earlier, on March 26.
An investigation into the incident involving outside security and forensics experts is still in its early stages, and the company said it is also coordinating its efforts with law enforcement authorities.
Based on the evidence uncovered so far, Western Digital believes the attackers gained access to some of its systems and obtained data from its network.
While the company has yet to link this week’s outage to the recently disclosed security breach, it confirmed on Monday that it has taken “systems and services offline” to secure “business operations and said it was working to “restore affected infrastructure and services.”
BleepingComputer has contacted Western Digital several times since the outage began to ask if there is a connection between the breach and the My Cloud service disruption, but we did not receive a response until Friday when we were told said that our message had not been delivered.
“We are experiencing a network service outage and your message was not delivered. When services are restored, your message will be delivered to the intended recipient. Thank you for your patience,” the email response read.
My Book Live devices were wiped clean in 2021 attacks
This isn’t the first time Western Digital customers have lost their data, with attackers looking for My Book Live and My Book Live Duo NAS devices exposed to the internet and unsupported worldwide in June 2021 to factory reset and wipe them remotely to destroy all data.
Threat actors are believed to have targeted an unauthenticated factory reset vulnerability tracked as CVE-2018-18472.
“In some cases, attackers have triggered a factory reset that appears to erase all data from the device,” the company told BleepingComputer at the time.
While customers feared Western Digital’s servers were hacked to send remote factory reset commands to all affected devices, the company denied the rumors and said its network was not hacked.
“Our investigation of this incident has revealed no evidence that Western Digital cloud services, firmware update servers or customer credentials have been compromised,” Western Digital said.