Seagate Drives at Risk of Data Theft Over Hidden ‘root’ Account


A public vulnerability disclosure warns that an attacker could remotely download files from an affected hard drive, thanks to the hard-coded default password. 

A number of Seagate hard drives are vulnerable to data theft, thanks to an undocumented, in-built user account that could give an attacker remote access to the device. “Seagate wireless hard-drives provides undocumented Telnet services accessible by using the default credentials of ‘root’ as username and the default password,” said a public advisory posted Tuesday.

Read more at ZDNet News