Western Digital Asks 'My Book Live' Device Owners to Unplug After Reports of Remotely Wiped Drives

by

Western Digital is advising owners of its My Book Live storage drives to disconnect them from the internet until further notice, following reports from around the world that some devices have been compromised and wiped clean by malicious software.

western digital my book live
The WD My Book Live is the company's network-attached storage device with the book-style design that can stand upright on a desk. The drive is typically connected to computers via USB and connects to a local network via ethernet. Meanwhile, the WD My Book Live app lets users access their stored files remotely through Western Digital's cloud servers.

As reported by BleepingComputer, My Book Live and Live Duo device owners on Thursday began flooding Western Digital's support forums with reports that all of their files had been mysteriously deleted and that they could no longer access the device via the offical app or a browser.

"I have a WD My Book live connected to my home LAN that's worked fine for years," wrote the first poster in a now-long thread. "I have just found that somehow all the data on it is gone today, while the directories seems there but empty. Previously the 2T volume was almost full but now it shows full capacity."

When they attempted to log in using the drive's web dashboard, the drive told them they had an invalid password. Many other owners have also confirmed that their device has been hit with the same issue. "All my data is gone too," another user said. "I am totally screwed without that data... years of it."

Following further reports, a pattern has gradually emerged in shared device logs that points to a remote command initiating a factory reset on affected devices beginning at around 3:00 p.m. on Thursday and continuing throughout the night.

Western Digital has advised customers in a new support notice to disconnect their My Book Live devices while the company investigates the destructive attacks. The company has since told BleepingComputer they are actively investigating the attacks but do not believe it was a compromise of their servers.

"Western Digital has determined that some My Book Live devices are being compromised by malicious software. In some cases, this compromise has led to a factory reset that appears to erase all data on the device. The My Book Live device received its final firmware update in 2015. We understand that our customers' data is very important. At this time, we recommend you disconnect your My Book Live from the Internet to protect your data on the device. We are actively investigating and we will provide updates to this thread when they are available."

If the company is correct in saying its servers haven't been hacked, it's unclear how so many My Book Live accounts could be compromised at or around the same time. We've asked for more information from Western Digital regarding the matter and will post an update to this story if we hear anything back, but the advice for device owners for now is clear: Disconnect your My Book Live.

Tag: Western Digital

Popular Stories

iPhone 17 Air Size Feature

'iPhone 17 Air' With Rear Camera Bar Allegedly Shown in Leaked Photo

Tuesday January 21, 2025 12:46 pm PST by
A leaker known as "Majin Bu" today shared an alleged image of a component for the rumored, ultra-thin "iPhone 17 Air" model. The blurry, pixelated image shows a pair of rear iPhone shells with a pill-shaped, raised camera bar along the top. On the left side of the bar, there is a circular cutout that appears to be for a single rear camera. On the right side of the bar, there appears to be an ...
Read Full Article143 comments
Generic iOS 19 Feature Mock Light

iOS 19 Leak Reveals All-New Design

Friday January 17, 2025 2:42 pm PST by
iOS 19 is still around six months away from being announced, but a new leak has allegedly revealed a completely redesigned Camera app. Based on footage it obtained, YouTube channel Front Page Tech shared a video showing what the new Camera app will apparently look like, with the key change being translucent menus for camera controls. Overall, the design of these menus looks similar to...
Read Full Article
iPhone SE Dynamic Island Majin Bu

iPhone SE 4 Leak Shows Dynamic Island, Casts Doubt on Rumored 'iPhone 16E' Name

Monday January 20, 2025 9:01 am PST by
A new iPhone SE is widely rumored to launch this year, and the device has potentially been confirmed today by known leaker Evan Blass. In a private social media post, Blass shared an image of what appears to be source code mentioning an iPhone SE (4th Gen), which casts doubt on the alternative "iPhone 16E" name rumored for the device. However, the name in the source code could be a...
Read Full Article177 comments
2024 App Store Awards

Apple Explains Why It Removed TikTok From the App Store in the U.S.

Sunday January 19, 2025 6:58 am PST by
Apple on late Saturday removed TikTok from the App Store in the U.S., and it has now explained why it was required to take this action. Last year, the U.S. passed a law that required Chinese company ByteDance to divest its ownership of TikTok due to potential national security risks, or else the platform would be banned. That law went into effect today, and companies like Apple and Google...
Read Full Article257 comments
iOS 18

Here Are Apple's Full Release Notes for iOS 18.3

Tuesday January 21, 2025 4:31 pm PST by
Apple provided developers and public beta testers with the release candidate version of iOS 18.3 today, and with it comes release notes confirming what's new. While we knew about several of the features that are in the update, there are some lesser known tweaks and bug fixes. The update adds new Visual Intelligence features for iPhone 16 models, it tweaks Notification summaries on all...
Read Full Article49 comments
airtag 4 pack blue

AirTag 2 Launching This Year With These 3 New Features

Sunday January 19, 2025 8:11 am PST by
After a four-year wait, a new AirTag is finally expected to launch in 2025. Below, we recap rumored upgrades for the accessory. A few months ago, Bloomberg's Mark Gurman said Apple was aiming to release the AirTag 2 around the middle of 2025. While he did not offer a more specific timeframe, that means the AirTag 2 could be announced by the end of June. The original AirTag was announced...
Read Full Article
ipad pro 2024

New iPad Pro Reportedly Launching This Year

Tuesday January 21, 2025 6:40 am PST by
Apple plans to release at least one new iPad Pro model this year, according to a supplier-focused report today from Korean website The Elec. It is likely that the 11-inch and 13-inch iPad Pro models would be updated simultaneously. After receiving an OLED display last year, the report said the iPad Pro will receive only "minor" changes this year. Overall, the next iPad Pro is expected to...
Read Full Article135 comments
truecaller

Truecaller iOS Update Rolls Out Real-Time Caller ID Support

Wednesday January 22, 2025 2:07 am PST by
Popular caller ID app Truecaller is rolling out an update that brings real-time caller ID support to its iOS subscribers. Apple introduced Live Caller ID Lookup in iOS 18, allowing third-party caller ID apps to securely retrieve information about a caller from their servers, hence today's Truecaller update. iPhone users can enable the Live Caller ID Lookup feature by going to Settings ➝ ...
Read Full Article58 comments
iOS 19 Roundup Feature

iOS 19 Rumored to Be Compatible With These iPhones

Saturday January 18, 2025 10:28 am PST by
iOS 19 will not drop support for any iPhone models, according to French website iPhoneSoft.fr. The report cited a source who said iOS 19 will be compatible with any iPhone that can run iOS 18, which would mean the following models: iPhone 16 iPhone 16 Plus iPhone 16 Pro iPhone 16 Pro Max iPhone 15 iPhone 15 Plus iPhone 15 Pro iPhone 15 Pro Max iPhone 14 iPhon...
Read Full Article

Top Rated Comments

haruhiko Avatar
haruhiko
47 months ago
One should either: 1) put your files locally and keep the drive offline or 2) put them in a trustworthy cloud based storage system (iCloud Drive, Google Drive etc.)

The victims unfortunately chose the worst of both worlds: a single local copy with access to internet which supports remote deletion of all files.

The fact that WD gave up their old products and hasn’t issued any security updates since 2015 while retaining the remote wipe function is beyond irresponsible.
Score: 24 Votes (Like | Disagree)
deckard666 Avatar
deckard666
47 months ago
Remote and local folks.....always
Score: 21 Votes (Like | Disagree)
JSL1 Avatar
JSL1
47 months ago
Poor security by WD to allow this to happen and to allow remote wipes.
Score: 12 Votes (Like | Disagree)
elvisimprsntr Avatar
elvisimprsntr
47 months ago
Hard lessons learned:
1. Never expose NAS to WAN or any remote access cloud service.
2. Need 3-2-1 backup strategy.
3. Replace EOL devices/software.

Even though I did not fall victim to recent QNAP QTS Qlocker ransomware since I don't expose my NAS devices to a WAN, I got fed up with constant QTS security patches for hardcoded credentials and vulnerabilities, and installed TrueNAS CORE ('https://www.truenas.com/truenas-core/') on my QNAP TS-453A and TS-253A. Works better and faster than QTS!



Attachment Image
Score: 9 Votes (Like | Disagree)
W2u7Yw4HaD Avatar
W2u7Yw4HaD
47 months ago
Unless their data is wholly in the cloud also and can be undeleted, this isn't a wise thing to connect to the cloud as your only offline backup source..
Score: 8 Votes (Like | Disagree)
CoastalMaineBird Avatar
CoastalMaineBird
47 months ago
all the data on it is gone today, while the directories seems there but empty.
...
this compromise has led to a factory reset that appears to erase all data on the device.

I don't think the "factory reset" would leave all the directories there.
Score: 6 Votes (Like | Disagree)
Read All Comments