A security researcher is urging owners of Western Digital MyCloud NAS devices to update the firmware of their portable hard-drives to fix a series of important security bugs he reported to the vendor. James Bercegay, a security researcher with GulfTech Research and Development, discovered and reported these flaws to Western Digital in June 2017. The researcher published a detailed report last Wednesday after Western Digital released firmware updates. The report describes three main flaws that can be abused for different results. An attacker can log into vulnerable devices using the username “mydlinkBRionyg”” and the password “”ABC12345cba”””
Source: https://www.bleepingcomputer.com/news/security/backdoor-account-removed-from-western-digital-nas-hard-drives/