It’s a common mantra that if something is connected to the internet, it’s going to get hacked.
But the manufacturers of some wireless hard drives have made stealing files or sticking malware onto them incredibly easy, by allowing anyone to access the contents with a default username and password.
Videos by VICE
The problems, as detailed on the CERT vulnerability database, a project from Carnegie Mellon University, allow an attacker to download files in an “unrestricted” fashion, or add files to the hard-drive.
This is because the hard drive can be accessed “by using the default credentials of ‘root’ as username and the default password,” according to the post.
The models affected are versions of the Seagate Wireless Mobile Storage, its “Plus” version, and LaCie FUEL. The devices allow anyone to back up their computers, phones, or other devices with minimal effort over Wi-Fi.
Seagate has released a patch, although it’s always difficult for companies to communicate to all customers that an update is needed and persuade them to take action.
Update: Seagate sent a statement.
Seagate was made aware of vulnerabilities in its consumer based wireless hard drives. Seagate has patched the vulnerabilities and issued a firmware update that is available to customers on Seagate.com and through a link on the CERT notification as well. The firmware update addresses all security concerns with these vulnerabilities. Affected users are encouraged to update the firmware as soon as possible. Customers may download the firmware from Seagate’s website. Seagate encourages any customer encountering issues to contact customer service at 1-800-Seagate.
More
From VICE
-
CAMILLE COHEN/Contributor/Getty Images -
(Photo by Paras Griffin/WireImage) -
AEW -
KINGS THEATER, NEW YORK, UNITED STATES – 2017/11/10: Evanescence rock band with orchestra performs at Kings Theater of Brooklyn. (Photo by Lev Radin/Pacific Press/LightRocket via Getty Images)
