MyBookLive

[Ssayer]

Heh, just got this email from Western Digital (there is not a chance in this world that I'd have either of mine exposed to the internet. They just now figured it out??):

-------------------------------------------------------------------------------

​

Our records indicate that you registered a My Book Live or My Book Live Duo device. To protect your data on the device from ongoing attacks, we recommend you disconnect your My Book Live and My Book Live Duo from the Internet and access your data locally by following these instructions on our Knowledge Base. Western Digital has determined that some My Book Live and My Book Live Duo devices are being compromised through exploitation of a remote command execution vulnerability. In some cases, the attackers have triggered a factory reset that appears to erase all data on the device. Our investigation of this incident has not uncovered any evidence that Western Digital cloud services, firmware update servers, or customer credentials were compromised. As the My Book Live devices can be directly exposed to the internet through port forwarding, the attackers may be able to discover vulnerable devices through port scanning. We understand your data is very important. Some customers have reported that data recovery tools may be able to recover data from affected devices, and we are currently investigating the effectiveness of these tools.​

 

[Mike A.]

Yeah, that's been in the news a lot for the last week or so. Yet another example for not having anything exposed to the outside world (unless properly secured and monitored).