Western Digital announced today that its network has been breached and an unauthorized party gained access to multiple company systems.
The California-based computer drive maker and provider of data storage services says in a press release that the network security incident was identified last Sunday, on March 26.
An investigation is in early stages and the company is coordinating efforts with law enforcement authorities.
This blog post describes an unchecked return value vulnerability found and exploited in September 2021 by Alex Plaskett, Cedric Halbronn and Aaron Adams working at the Exploit Development Group (EDG) of NCC Group. We successfully exploited it at Pwn2Own 2021 competition in November 2021 when targeting the Western Digital PR4100.