Image: Seagate
It's a common mantra that if something is connected to the internet, it's going to get hacked.But the manufacturers of some wireless hard drives have made stealing files or sticking malware onto them incredibly easy, by allowing anyone to access the contents with a default username and password.The problems, as detailed on the CERT vulnerability database, a project from Carnegie Mellon University, allow an attacker to download files in an "unrestricted" fashion, or add files to the hard-drive.This is because the hard drive can be accessed "by using the default credentials of 'root' as username and the default password," according to the post.The models affected are versions of the Seagate Wireless Mobile Storage, its "Plus" version, and LaCie FUEL. The devices allow anyone to back up their computers, phones, or other devices with minimal effort over Wi-Fi.Seagate has released a patch, although it's always difficult for companies to communicate to all customers that an update is needed and persuade them to take action.Seagate did not immediately respond to a request for comment and had not released a statement on its website as of press time.Update: Seagate sent a statement.
Advertisement
Seagate was made aware of vulnerabilities in its consumer based wireless hard drives. Seagate has patched the vulnerabilities and issued a firmware update that is available to customers on Seagate.com and through a link on the CERT notification as well. The firmware update addresses all security concerns with these vulnerabilities. Affected users are encouraged to update the firmware as soon as possible. Customers may download the firmware from Seagate's website. Seagate encourages any customer encountering issues to contact customer service at 1-800-Seagate.