The screenshots included an image of a meeting that was held by the company to discuss the response to the recent cybersecurity incident. Ransomware group BlackCat has released a set of screenshots on its leak site that it claims are from data stolen from Western Digital in an April system breach. The images include screenshots of videoconferences and internal emails of the storage device manufacturer, according to a tweet by cybersecurity researcher Dominic Alvieri.The screenshots also included an image of a recent meeting held by Western Digital where the company was discussing how to respond to the cyberattack. The ransomware group, along with the image, wrote, “with the finest threat hunters Western Digital has to offer.” The images of the participants were blurred.Western Digital suffered a network breachWestern Digital disclosed it had suffered a network breach on April 3. The incident was first identified by the company on March 26 and the company revealed that an unauthorized third party gained access to several of the company’s systems. “Based on the investigation to date, the Company believes the unauthorized party obtained certain data from its systems and is working to understand the nature and scope of that data,” Western Digital said. The company also said that it was taking down certain systems and services offline as a proactive security measure. Following the incident, several users reported that they were not able to access Western Digital’s network-attached storage service My Cloud.“We are currently experiencing a service interruption that is preventing customers from accessing the My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS 5, SanDisk ibi, SanDisk Ixpand Wireless Charger service,” the company said on April 3. The services were restored on April 12, according to the company’s status page. BlackCat threatens to release more dataAlong with the screenshots that BlackCat currently posted, the group also posted a note that states it would release more data and eventually put Western Digital’s intellectual property on sale.“Beginning next week on an unspecified day, we will share leaks every week until we lose interest. Once that happens, we will put their intellectual property up for sale, including code signing certificates, firmware, personally identifiable information of customers, and more,” BlackCat said, adding that the group had obtained a full backup of Western Digital’s SAP Back Office, which dates back to the last week of March.The group also claimed it was doing so because Western Digital did not get in contact with them. There has been no further update on the issue from Western Digital nor confirmation of any ransom demanded.BlackCat becomes more active BlackCat, also known as ALPHV, was the second most active ransomware group in 2022, according to cybersecurity conpany Malwarebytes. It was the first ransomware to be coded in the Rust programing language. In February, the ransomware group listed over 6GB of data allegedly stolen from the Munster Technological University in Ireland on its website.The Lehigh Valley Health Network disclosed on February 20 that it had been attacked by the BlackCat ransomware gang and stated that it would not pay a ransom. Following this, the gang posted pictures of nude cancer patients on its site. The pictures were clinical images used as part of radiotherapy. Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe