Tried Easus. It only found unencrypted Linux OS files in 2 partitions. No other files. I’m skeptical of other recovery methods working any better. The OS itself is kept on the drive. There’s intermittent writing that the drive itself does. If the table of contents is gone, the drive’s as good as gone.
This is unfortunate. Thankfully I read about the warning on security holes on my old My Book Live last year, opened it up and installed openwrt instead. I also got faster transfer with latest samba v3 up to 70MB/s. I recommend you try openwrt if you are to keep the MBL (after the data recovery of course). The ARM chip in MBL is not the fastest, but it is still sufficient for basic home storage.
Feeling very fortunate I saw this appear across my newsfeed just now. Data seems intact so Immediately disconnected Ethernet from my router & power.
Will wait to see what WD suggest (MBL Duo)
Hellou. I have same problem. All data erased. Im from Slovakia. I trying recover data over ZAR 9.1 and other programs. I tried Easeus Data Recovery but it doesn’t have file names just numbers and extensions. Anyone have a better solution? Thanks
I got scared and disconnected my drive before I actually verified if any data was lost … I took a quick peek and saw what looked like all of my folders present but I didn’t look for actual files. Now that it’s disconnected, is there any “safe” way that I can reconnect it to verify if I still have my data?
I also have multiple partitions. The Tool I used to check the tables also didn‘t find any Data. I‘m still Running PhotoRec and recovered about 21 000 Files After about one third of the Drive. Unfortunately mostly TimeMachine Backups and Not so important Files. I hope this will improve in the next hours
Also woke up this morning realizing all my data was gone! I’m really concerned about this. Have nothing technical to add, but hope WD will work on a solution if they realize users across the globe are affected.
Sorry to cross post but with an issue with such a major impact to many I’m going to make an exception.
After the reset, leave the password blank. It will log you in, then you
can create a password of your own choosing.
Hi, I was lucky so far, and now I’m copying the most important files from My Book Live Duo to another drive… but I won’t have space for all of it, and I wonder if it’s safer to just unplug it ASAP instead than risk having it online for ca. 3 more hours the copying will take… any opinions? Thanks
Shut it down. Unplug it and wait. OR as mentioned below you can disconnect your internet and connect directly to PC. Just don’t have internet access to the device.
In the owners manual there are instructions on how to connect directly to your pc.
Or another work-around: disconnect your modem/router from your internet, power up your MBL, make your backups/get data needed. Then power down your MBL and reconnect your internet.
Add me too
Never underestimate the power of class action lawyers. If they see money there will be lawsuit.
A Class action lawsuit is likely as WD made it very clear on their own website they knew about issue in 2019 or 2018 and did absolute nothing other than state users should use a firewall which does prevent this type of attack.
I’m also a victim. Speechless.
i take a tiny stred of comfort this isn’t just me! yesterday by entire music library vanished. i can access the drive but not the files although looking at the space used on the drive, my files are still there - hopeful this can be sorted.
feel sorry for folk that have lost way more important stuff than weird ‘out of print’ music!
The same happend here. I lost all my data
Me too. Add me to the list. Thankfully had a backup.
I hope that you are right. and that there is a quick fix for it
I did not have automatic firmware updates enabled and also did not have remote (internet) access enabled either, and yet the drive was still connected to the internet. I thought I had taken adequate precautions to prevent the possibility of such a threat but it looks like the only way to keep the NAS off the internet is to block it within the router or firewall.
I wonder if WD scans the NAS drives of users the same way that Facebook and Microsoft skim data for so-called ‘product improvement’ purposes. I need to read the EULA to see.
I’m also very curious as to how this event occurred worldwide within only a few hours. I’m wondering if the source was WD’s servers being compromised, then pushing the script out to all connected drives.
What annoys me here is that the MyBook products were still in the retail chain when that product line was discontinued in 2014, and yet the final firmware WD released was in 2015. I would have expected at least security firmware updates for few years longer.
NAS drives are not like GPUs or CPUs, in that they’re not normally replaced every few years, and the product support should reflect that. I wouldn’t expect WD to support the product indefinitely, however they were aware of the vulnerability and didn’t move to protect their customers. Well that also makes me wonder if their current products have similar vulnerabilities, so I will have to remove this drive from my network now, but I’m definitely not replacing it with another WD product. If this situation is representative of how WD approaches critical security threats, then I’ve lost faith in them and their products.
My company has used many different WD drives over the course of the last 20 years. Things change I guess and so will my future considerations regarding WD.