According toe Ars Technica, it appears that a WD developer commented out the code that would require a password to enter a reset and erase command from the internet. This resulted in petabytes of user data being destroyed. Not to mention that many of the devices were made part of a botnet. Oops? LINK: Hackers exploited 0-day, not 2018 bug, to mass-wipe My Book Live devices | Ars Technica
Well, one more general moral of the story is that you should never have a single copy of any file that matters to you. I have three copies of all of my photos, two local and one in the cloud.