[Jacquesb]

Hi, just received the email below from Western Digital.

"Our records indicate that you registered a My Book Live or My Book Live Duo device. To protect your data on the device from ongoing attacks, we recommend you disconnect your My Book Live and My Book Live Duo from the Internet and access your data locally by following these instructions on our Knowledge Base.

Western Digital has determined that some My Book Live and My Book Live Duo devices are being compromised through exploitation of a remote command execution vulnerability. In some cases, the attackers have triggered a factory reset that appears to erase all data on the device.

Our investigation of this incident has not uncovered any evidence that Western Digital cloud services, firmware update servers, or customer credentials were compromised. As the My Book Live devices can be directly exposed to the internet through port forwarding, the attackers may be able to discover vulnerable devices through port scanning.

We understand your data is very important. Some customers have reported that data recovery tools may be able to recover data from affected devices, and we are currently investigating the effectiveness of these tools.

We are continuing our investigation and will post the latest information about this incident on our Product Security Portal. For further assistance, you can contact our Customer Support team"..

I use the WD MyBookLive to store photos, videos and data files, including bank statements etc. and also as backup device for Time Machine on MacOS for both my and my wife's laptops, neither of which has an ethernet port which could be used for direct connection.

After chatting with an agent, I am no further forward and not convinced that this is not a scam. I have physically and reluctantly disconnected the device from the router.

I would welcome any sensible advice from the forum.

Thanks