Western Digital Asks 'My Book Live' Device Owners to Unplug After Reports of Remotely Wiped Drives

Western Digital is advising owners of its My Book Live storage drives to disconnect them from the internet until further notice, following reports from around the world that some devices have been compromised and wiped clean by malicious software.

western digital my book live
The WD My Book Live is the company's network-attached storage device with the book-style design that can stand upright on a desk. The drive is typically connected to computers via USB and connects to a local network via ethernet. Meanwhile, the WD My Book Live app lets users access their stored files remotely through Western Digital's cloud servers.

As reported by BleepingComputer, My Book Live and Live Duo device owners on Thursday began flooding Western Digital's support forums with reports that all of their files had been mysteriously deleted and that they could no longer access the device via the offical app or a browser.

"I have a WD My Book live connected to my home LAN that's worked fine for years," wrote the first poster in a now-long thread. "I have just found that somehow all the data on it is gone today, while the directories seems there but empty. Previously the 2T volume was almost full but now it shows full capacity."

When they attempted to log in using the drive's web dashboard, the drive told them they had an invalid password. Many other owners have also confirmed that their device has been hit with the same issue. "All my data is gone too," another user said. "I am totally screwed without that data... years of it."

Following further reports, a pattern has gradually emerged in shared device logs that points to a remote command initiating a factory reset on affected devices beginning at around 3:00 p.m. on Thursday and continuing throughout the night.

Western Digital has advised customers in a new support notice to disconnect their My Book Live devices while the company investigates the destructive attacks. The company has since told BleepingComputer they are actively investigating the attacks but do not believe it was a compromise of their servers.

"Western Digital has determined that some My Book Live devices are being compromised by malicious software. In some cases, this compromise has led to a factory reset that appears to erase all data on the device. The My Book Live device received its final firmware update in 2015. We understand that our customers' data is very important. At this time, we recommend you disconnect your My Book Live from the Internet to protect your data on the device. We are actively investigating and we will provide updates to this thread when they are available."

If the company is correct in saying its servers haven't been hacked, it's unclear how so many My Book Live accounts could be compromised at or around the same time. We've asked for more information from Western Digital regarding the matter and will post an update to this story if we hear anything back, but the advice for device owners for now is clear: Disconnect your My Book Live.

Top Rated Comments

haruhiko Avatar
5 weeks ago
One should either: 1) put your files locally and keep the drive offline or 2) put them in a trustworthy cloud based storage system (iCloud Drive, Google Drive etc.)

The victims unfortunately chose the worst of both worlds: a single local copy with access to internet which supports remote deletion of all files.

The fact that WD gave up their old products and hasn’t issued any security updates since 2015 while retaining the remote wipe function is beyond irresponsible.
Score: 24 Votes (Like | Disagree)
deckard666 Avatar
5 weeks ago
Remote and local folks.....always
Score: 21 Votes (Like | Disagree)
JSL1 Avatar
5 weeks ago
Poor security by WD to allow this to happen and to allow remote wipes.
Score: 12 Votes (Like | Disagree)
elvisimprsntr Avatar
5 weeks ago
Hard lessons learned:
1. Never expose NAS to WAN or any remote access cloud service.
2. Need 3-2-1 backup strategy.
3. Replace EOL devices/software.

Even though I did not fall victim to recent QNAP QTS Qlocker ransomware since I don't expose my NAS devices to a WAN, I got fed up with constant QTS security patches for hardcoded credentials and vulnerabilities, and installed TrueNAS CORE ('https://www.truenas.com/truenas-core/') on my QNAP TS-453A and TS-253A. Works better and faster than QTS!



Attachment Image
Score: 9 Votes (Like | Disagree)
W2u7Yw4HaD Avatar
5 weeks ago
Unless their data is wholly in the cloud also and can be undeleted, this isn't a wise thing to connect to the cloud as your only offline backup source..
Score: 8 Votes (Like | Disagree)
CoastalMaineBird Avatar
5 weeks ago
all the data on it is gone today, while the directories seems there but empty.
...
this compromise has led to a factory reset that appears to erase all data on the device.

I don't think the "factory reset" would leave all the directories there.
Score: 6 Votes (Like | Disagree)

Top Stories

oprah book club siri

Siri Can Now Tell You What Oprah's Reading

Tuesday March 16, 2021 10:19 am PDT by
Apple has a partnership with Oprah for "Oprah's Book Club," a follow along reading experience available in the Apple Books app and the Apple TV+ app. Starting today, there's a new Oprah Siri integration that allows you to ask Siri what book Oprah is currently reading for her book club. In response, Oprah herself reads a synopsis of the book, which happens to be Marilynne Robinson's novel...
live text macos monterey feature

macOS Monterey Beta 4 Brings Live Text to Intel-Based Macs

Tuesday July 27, 2021 10:54 am PDT by
The latest beta update of macOS Monterey, released to developers today, has brought Live Text functionality to Intel-based Mac computers, removing the requirement for users to use an M1 Apple silicon Mac to utilize the feature, according to Rene Ritchie. Live Text, included in the forthcoming macOS Monterey, iOS 15, and iPadOS 15 updates, allows users to interact with text within images,...
google drive for desktop1

Google to Roll Out New 'Drive for Desktop' App in the Coming Weeks, Replacing Backup & Sync and Drive File Stream Clients

Tuesday July 13, 2021 1:18 am PDT by
Earlier this year, Google announced that it planned to unify its Drive File Stream and Backup and Sync apps into a single Google Drive for desktop app. The company now says the new sync client will roll out "in the coming weeks" and has released additional information about what users can expect from the transition. To recap, there are currently two desktop sync solutions for using Google...
nathan pyle comic 1

Nathan Pyle's 'Strange Planet' Comic Coming to Apple TV+ as Animated Series

Wednesday June 23, 2021 12:21 pm PDT by
Popular comic "Strange Planet" from Nathan Pyle is being turned into an animated television series that's set to premiere on Apple TV+, reports Deadline. The "Strange Planet" comics and books feature blue aliens from an Earth-like planet who describe their Earth-like activities in new and unusual ways. Nathan Pyle has amassed millions of followers on Instagram with the webcomic, which...
apple park drone june 2018 2

Apple Employees Continue to Fight Return to Campuses and Push for Better Remote Working Options

Monday July 19, 2021 11:09 am PDT by
Apple has made it clear that most of its employees will not be able to work remotely on a permanent basis, but that isn't stopping some corporate staff from continuing to push for more relaxed remote working rules, reports Recode. In a new petition that went out this week, employees are asking Apple to allow employees to work from home on a more permanent basis. Apple has agreed to a hybrid...
nso israeli surveillance firm

Report: Pegasus Spyware Sold to Governments Uses Zero-Click iMessage Exploit to Infect iPhones Running iOS 14.6

Monday July 19, 2021 12:35 am PDT by
Journalists, lawyers, and human rights activists around the world have been targeted by authoritarian governments using phone malware made by Israeli surveillance firm NSO Group, according to multiple media reports. An investigation by 17 media organizations and Amnesty International's Security Lab uncovered a massive data leak, indicating widespread and continuing abuse of the commercial...
app store blue banner uk fixed

Apple Could Be Forced to Follow New Digital Competition Rules or Face Fines, Under UK Proposal

Tuesday July 20, 2021 1:25 am PDT by
The U.K. government is today unveiling its plan to regulate tech giants, such as Apple, to ensure that the U.K's digital market, which includes platforms such as the App Store, is open for competition, and not dominated by any particular company. In April, the U.K. created the DMU or Digital Markets Unit under the Competition and Markets Authority. With newly given powers, that new unit will ...
elago siri remote case

You Won't Lose Your Apple TV Remote With Elago's New AirTag Remote Case

Thursday July 15, 2021 10:40 am PDT by
Elago is known for its range of clever case designs for Apple's devices, and its newest case designed for the Apple TV Siri Remote adds the one feature that Apple left out - Find My functionality. With the Apple TV Siri Remote R5 Case, there's space to insert an AirTag at the back, which means that if you ever lose your remote, you can locate the AirTag that's inside with the Find My app. ...
bmw car key photo

Apple's Digital Car Key Feature Will Soon Work With Your iPhone in Your Pocket

Tuesday July 13, 2021 8:13 am PDT by
The Car Connectivity Consortium today announced that its Digital Key 3.0 specification with support for Ultra Wideband and Bluetooth LE connectivity is finalized and now available to members, including Apple. In 2020, Apple introduced a digital car key feature that allows users to unlock and start a compatible vehicle by holding an iPhone or Apple Watch near the driver-side door. The feature ...
iCloud General Feature

Apple Reportedly Storing Over 8 Million Terabytes of iCloud Data on Google Servers

Tuesday June 29, 2021 7:07 am PDT by
Apple has dramatically increased the amount of iCloud user data it stores on Google Cloud, according to The Information. The report claims Apple now has over eight million terabytes of data stored on Google's servers. As of mid-May, Apple was reportedly on track to spend around $300 million on Google cloud storage services this year, which would represent an increase of roughly 50% from all...