Western Digital Asks 'My Book Live' Device Owners to Unplug After Reports of Remotely Wiped Drives

Western Digital is advising owners of its My Book Live storage drives to disconnect them from the internet until further notice, following reports from around the world that some devices have been compromised and wiped clean by malicious software.

western digital my book live
The WD My Book Live is the company's network-attached storage device with the book-style design that can stand upright on a desk. The drive is typically connected to computers via USB and connects to a local network via ethernet. Meanwhile, the WD My Book Live app lets users access their stored files remotely through Western Digital's cloud servers.

As reported by BleepingComputer, My Book Live and Live Duo device owners on Thursday began flooding Western Digital's support forums with reports that all of their files had been mysteriously deleted and that they could no longer access the device via the offical app or a browser.

"I have a WD My Book live connected to my home LAN that's worked fine for years," wrote the first poster in a now-long thread. "I have just found that somehow all the data on it is gone today, while the directories seems there but empty. Previously the 2T volume was almost full but now it shows full capacity."

When they attempted to log in using the drive's web dashboard, the drive told them they had an invalid password. Many other owners have also confirmed that their device has been hit with the same issue. "All my data is gone too," another user said. "I am totally screwed without that data... years of it."

Following further reports, a pattern has gradually emerged in shared device logs that points to a remote command initiating a factory reset on affected devices beginning at around 3:00 p.m. on Thursday and continuing throughout the night.

Western Digital has advised customers in a new support notice to disconnect their My Book Live devices while the company investigates the destructive attacks. The company has since told BleepingComputer they are actively investigating the attacks but do not believe it was a compromise of their servers.

"Western Digital has determined that some My Book Live devices are being compromised by malicious software. In some cases, this compromise has led to a factory reset that appears to erase all data on the device. The My Book Live device received its final firmware update in 2015. We understand that our customers' data is very important. At this time, we recommend you disconnect your My Book Live from the Internet to protect your data on the device. We are actively investigating and we will provide updates to this thread when they are available."

If the company is correct in saying its servers haven't been hacked, it's unclear how so many My Book Live accounts could be compromised at or around the same time. We've asked for more information from Western Digital regarding the matter and will post an update to this story if we hear anything back, but the advice for device owners for now is clear: Disconnect your My Book Live.

Top Rated Comments

haruhiko Avatar
23 weeks ago
One should either: 1) put your files locally and keep the drive offline or 2) put them in a trustworthy cloud based storage system (iCloud Drive, Google Drive etc.)

The victims unfortunately chose the worst of both worlds: a single local copy with access to internet which supports remote deletion of all files.

The fact that WD gave up their old products and hasn’t issued any security updates since 2015 while retaining the remote wipe function is beyond irresponsible.
Score: 24 Votes (Like | Disagree)
deckard666 Avatar
23 weeks ago
Remote and local folks.....always
Score: 21 Votes (Like | Disagree)
JSL1 Avatar
23 weeks ago
Poor security by WD to allow this to happen and to allow remote wipes.
Score: 12 Votes (Like | Disagree)
elvisimprsntr Avatar
23 weeks ago
Hard lessons learned:
1. Never expose NAS to WAN or any remote access cloud service.
2. Need 3-2-1 backup strategy.
3. Replace EOL devices/software.

Even though I did not fall victim to recent QNAP QTS Qlocker ransomware since I don't expose my NAS devices to a WAN, I got fed up with constant QTS security patches for hardcoded credentials and vulnerabilities, and installed TrueNAS CORE ('https://www.truenas.com/truenas-core/') on my QNAP TS-453A and TS-253A. Works better and faster than QTS!



Attachment Image
Score: 9 Votes (Like | Disagree)
W2u7Yw4HaD Avatar
23 weeks ago
Unless their data is wholly in the cloud also and can be undeleted, this isn't a wise thing to connect to the cloud as your only offline backup source..
Score: 8 Votes (Like | Disagree)
CoastalMaineBird Avatar
23 weeks ago
all the data on it is gone today, while the directories seems there but empty.
...
this compromise has led to a factory reset that appears to erase all data on the device.

I don't think the "factory reset" would leave all the directories there.
Score: 6 Votes (Like | Disagree)

Related Stories

oprah book club siri

Siri Can Now Tell You What Oprah's Reading

Tuesday March 16, 2021 10:19 am PDT by
Apple has a partnership with Oprah for "Oprah's Book Club," a follow along reading experience available in the Apple Books app and the Apple TV+ app. Starting today, there's a new Oprah Siri integration that allows you to ask Siri what book Oprah is currently reading for her book club. In response, Oprah herself reads a synopsis of the book, which happens to be Marilynne Robinson's novel...
apple privacy

Apple Fined $11 Million in Italy for Employing 'Aggressive Methods' in Commercial Use of Private Data

Friday November 26, 2021 2:16 am PST by
Apple and Google were today fined 10 million euros ($11 million) by Italy's Competition Authority for allegedly using user data for commercial purposes without their explicit consent, an apparent violation of Italy's Consumer Code. The authority claims that both Apple and Google utilize user data they collect through their services for promotional and economic activity without the user's...
apple security banner

Apple Reportedly Notified Some U.S. State Department Employees They May Have Been Targeted by NSO Group Spyware

Friday December 3, 2021 8:56 am PST by
Apple has notified at least nine U.S. Department of State employees that they may have been targeted by state-sponsored spyware created by Israeli company NSO Group, according to a Reuters report citing four people familiar with the matter. A spokesperson for NSO Group told Reuters that it will investigate and take legal action against customers using its tools illegally if necessary."If our ...
the changeling tv show lakeith

Drama Series 'The Changeling' Coming to Apple TV+

Wednesday August 25, 2021 9:24 am PDT by
Apple today announced that it has picked up a new drama series called "The Changeling," which is based on the best-selling Victor LaValle book of the same name. LaKeith Stanfield, known for "Atlanta" and "Judas and the Black Messiah," is set to star in the show. "The Changeling" is described as a "fairytale for grown-ups" that's part horror story, part parenthood fable, and a "perilous...
apple security banner

Apple Outlines How It Will Notify Users Who Have Been Targeted by State-Sponsored Spyware Attacks

Tuesday November 23, 2021 8:15 pm PST by
Earlier today, Apple announced that it had filed suit against NSO Group, the firm responsible for the Pegasus spyware that has been used in state-sponsored surveillance campaigns in a number of countries. NSO Group seeks to take advantage of vulnerabilities in iOS and other platforms to infiltrate the devices of targeted users such as journalists, activists, dissidents, academics, and government...
Apple Best of Podcasts 2021

Apple Celebrates Best Podcasts of 2021

Tuesday November 30, 2021 5:34 am PST by
Apple has today shared a press release celebrating the best and most popular podcasts of 2021, as curated by the Apple Podcasts editorial team. Apple named "A Slight Change of Plans" with Maya Shankar as "Best Show of the Year." The show combines storytelling with cognitive and behavioral science to help listeners navigate change in their lives, including real-world stories about change when ...
Twitter Feature

Twitter Investigating Bug Causing Unexpected Logouts on iOS 15

Wednesday November 24, 2021 9:28 am PST by
Twitter Support has acknowledged a bug causing unexpected account logouts on iOS 15, promising that its teams are working on a fix and that it'll keep users updated on when it's resolved. Posts on Twitter over the last several hours have shown users experiencing the bug, with some sharing frustrations that the app is requiring them to log back into Twitter upon every app launch. While some...
nso israeli surveillance firm

Apple Aims to Cut Down on Spyware With Lawsuit Against NSO Group

Tuesday November 23, 2021 10:09 am PST by
Apple today announced that it has filed a lawsuit against Israeli firm NSO Group and its parent company with the aim of holding it accountable for targeting Apple users with spyware used for surveillance purposes. In the lawsuit, Apple offers up information on how NSO Group infiltrated the devices of iPhone owners and how it utilized the Pegasus spyware to do so. Apple is asking for a...

Popular Stories

airtag in hand

Apple AirTag Linked to Increasing Number of Car Thefts, Canadian Police Report

Friday December 3, 2021 7:10 am PST by
Apple's AirTags are being used in an increasing number of targeted car thefts in Canada, according to local police. Outlined in a news release from York Regional Police, investigators have identified a new method being used by thieves to track down and steal high-end vehicles that takes advantage of the AirTag's location tracking capabilities. While the method of stealing the cars is largely ...
macbook pro 13 inch banner

Apple Planning Five New Macs for 2022, Including Entry-Level MacBook Pro Refresh

Sunday December 5, 2021 7:55 am PST by
Apple is working on five new Macs for launch in 2022, including a new version of the entry-level MacBook Pro, according to Bloomberg's Mark Gurman. In the latest edition of his "Power On" newsletter, Gurman said that he expects Apple to launch five new Macs in 2022, including: A high-end iMac with Apple silicon to sit above the 24-inch iMac in the lineup A significant MacBook Air...
MBA Mock White Front Blue

2022 MacBook Air Getting Major Display Upgrade With One Drawback

Friday December 3, 2021 3:01 am PST by
Apple's next-generation MacBook Air is reportedly set to bring over many of the new MacBook Pro's features, with one noticeable omission, according to recent reports. The latest MacBook Pro models feature a mini-LED "Liquid Retina XDR" display with deep blacks and support for up to 1,600 nits peak brightness. The display also features Apple's "ProMotion" technology, which is capable of...
m3 feature black

Macs With 'M3' Chips Expected to Use TSMC's 3nm Chip Technology With Test Production Reportedly Underway

Thursday December 2, 2021 7:36 am PST by
Apple's chipmaking partner TSMC has kicked off pilot production of chips built on its 3nm process, known as N3, according to Taiwanese supply chain publication DigiTimes. The report, citing unnamed industry sources, claims that TSMC will move the process to volume production by the fourth quarter of 2022 and start shipping 3nm chips to customers like Apple and Intel in the first quarter of...
apple watch series 7 aluminum colors

2022 Apple Watch Lineup Rumored to Include New Apple Watch SE and 'Rugged' Model for Sports

Sunday December 5, 2021 8:22 am PST by
Apple is planning an entire revamp of its Apple Watch lineup for 2022, including an update to the Apple Watch SE and a new Apple Watch with a rugged design aimed at sports athletes, according to respected Bloomberg journalist Mark Gurman. Writing in the latest installment of his Power On newsletter, Gurman said that for 2022, alongside the Apple Watch Series 8, Apple is planning an update to ...