Hacker silhouette
his hacker could have gotten into your hard drive and swiped your MP3s. Bill Hinton/Getty Images

 

Popular external hard drive manufacturer Seagate released a range of wireless drives that shipped with a worrying security flaw, Silicon Angle reports.

The drives included a function that allowed them to connect to the internet. But the problem came in the way that the devices connected — it was possible for anyone on the same Wi-Fi network or from elsewhere on the internet to gain access to the device simply by using the default username and password that came with the hard drive.

Once a hacker had gained access to a Seagate hard drive they could download everything on the drive or upload new files to it. The upload capability meant that hackers were able to insert malware into the device, which could infect computers when the drive was connected.

Researchers from Tangible Security discovered the vulnerability and informed Seagate of the problem.

Seagate has since launched a patch for the issue, which can be downloaded from its website. It won’t update automatically, though, so some customers may still be affected.

A Seagate spokesperson provided this statement to Business Insider about the vulnerability:

Seagate was made aware of vulnerabilities in its consumer based wireless hard drives. Seagate has patched the vulnerabilities and issued a firmware update that is available to customers on Seagate.com and through a link on the CERT notification. The firmware update addresses all security concerns with these vulnerabilities.

Affected users are encouraged to update the firmware as soon as possible. Customers may download the firmware from Seagate’s website.

Seagate encourages any customer encountering issues to contact customer service at 1-800-Seagate.

As reported by Business Insider