If you use a WD My Book Live NAS, it might be a good idea to disconnect it from your network.
According to a post on the device’s community forum that Ars Technica picked up, some WD My Book Live users have discovered that all of their data has been removed from their device.
WD says that the data relates to “malicious software” that says that My Book Live and My Book Duo owners should disconnect their devices from the internet to protect their data.
Several posts on WD’s forum detail how user data has been wiped entirely but that the file structure is still present — the folders are there, but they’re entirely empty.
One user that goes by the username ‘JHS1‘ said the following:
“I kept all my documents on this drive. All files gone, four empty folders for: pictures, music, that I never used. My pictures are stored elsewhere. Unfortunately or fortunately my last backup was 4.5 months ago. I thought I had my backup program set for scheduled backups, but that is another problem to look into. If this turns out to be a WD problem, I will look elsewhere for future storage equipment. I wish everybody good luck and if someone finds a solution, please post it.”
Several other users echo the above situation. It’s unclear what the source of the malicious software is or if WD is currently working on a solution. WD sent the following statement regarding the issue to several publications:
“The incident is under active investigation from Western Digital. We do not have any indications of a breach or compromise of Western Digital cloud services or systems.
We have determined that some My Book Live devices have been compromised by a threat actor. In some cases, this compromise has led to a factory reset that appears to erase all data on the device. The My Book Live device received its final firmware update in 2015.
At this time, we are recommending that customers disconnect their My Book Live devices from the Internet to protect their data on the device.
We have issued the following statement to our customers and will provide updates to this thread when they are available: https://community.wd.com/t/action-required-on-my-book-live-and-my-book-live-duo/268147“
I’ve used an older WD My Cloud NAS drive to store files I need to share across multiple computers for several years. It’s unclear if this issue also affects this particular drive model given it’s not a My Book device, but I’m disconnecting the drive just in case.
Source: Ars Technica
