Security researcher James Bercegay found a security hole in Western Digital’s MyCloud devices back in June 2017. He discovered that a hidden firmware backdoor allowed anyone to login remotely, using the username mydlinkBRionyg, and the somewhat underwhelming password abc12345cba. Western Digital has now been forced to issue a fix for the flaw. Customers are advised to install firmware version 2.30.174 to remove the backdoor. The default default login credentials could even be used in a Mirai-style attack.”]
Source: https://grahamcluley.com/locked-dont-worry-heres-hardcoded-password-wd-cloud-nas-device/