Western Digital External Hard Disks - Warning
Message
From
26/06/2021 15:29:33
 
 
To
26/06/2021 12:00:16
General information
Forum: Technology
Category: Products
Miscellaneous
Thread ID: 01681595
Message ID: 01681602
Views: 34
>"Western Digital My Book Live users wake up to find their data deleted. Storage-device maker advises customers to unplug My Book Lives from the Internet ASAP. Western Digital, maker of the popular My Disk external hard drives, is recommending that customers unplug My Book Live storage devices from the Internet until further notice while company engineers investigate unexplained compromises that have completely wiped data from devices around the world."
>
>Source: arsTECHNICA - https://arstechnica.com/gadgets/2021/06/mass-data-wipe-in-my-book-devices-prompts-warning-from-western-digital/

The best writeup I've seen so far is at https://www.bleepingcomputer.com/news/security/wd-my-book-nas-devices-are-being-remotely-wiped-clean-worldwide/

Those devices will likely have been behind at least a NAT firewall and not directly accessible from the public internet. So for them to have been accessed remotely it would have to have been through WD's cloud service. From the nature of this event the most obvious cause would be a vulnerability or compromise of the WD cloud service. If WD device passwords were left at the default that might have contributed.

If the last firmware update for these devices was in 2015 then the WD cloud service must be older than that, which is Stone Age for cloud services. Who knows how much effort WD has put into maintaining and securing it over the years.

The article https://krebsonsecurity.com/2021/06/mybook-users-urged-to-unplug-devices-from-internet/ shows that "Remote Access" can be disabled if the device hasn't already been reset. Presumably that prevents the device from connecting with the WD cloud. However, given the tendency for consumer devices to "phone home" for telemetry or other reasons (maybe automatic updates?) communications may still be taking place which could provide "back door" remote access. It sounds like good advice to disconnect these devices from Ethernet (or at least internet access) until more is known.
Regards. Al

"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov

Neither a despot, nor a doormat, be

Every app wants to be a database app when it grows up