Connect with us

Hi, what are you looking for?



Dish Ransomware Attack Impacted Nearly 300,000 People

Satellite TV giant Dish Network says the recent ransomware attack impacted nearly 300,000 people and its notification suggests a ransom has been paid.

Dish Network

Satellite TV giant Dish Network has started notifying the individuals whose data was compromised in a recent ransomware attack.

The company informed the Maine Attorney General about the data breach last week and shared a copy of the notification letter sent to impacted people. Dish told authorities that the incident impacted more than 296,000 individuals.

The notification letter reveals that while there is no evidence of customer databases being accessed by hackers, the stolen data does include employee-related records and personal information. This includes former employees and their family members. 

The security incident came to light in late February, when various Dish services, including its websites and applications, became inaccessible. The company later confirmed that the outage was caused by a ransomware attack and admitted that personal information may have been stolen.

“We are not aware of any misuse of your information, and we have received confirmation that the extracted data has been deleted,” Dish is now telling impacted individuals.

The fact that it has received confirmation of the stolen data being deleted suggests that it has paid a ransom to the cybercriminals. 

If — as reported — the Russia-linked BlackBasta ransomware group is behind the attack, paying the ransom would explain why Dish has not been named on the cybercriminals’ leak website.

Advertisement. Scroll to continue reading.

SecurityWeek has reached out to the company for comment and will update this article if it responds.

In the letter sent to customers, Dish noted that while it has no evidence of personal data being misused, it’s still offering credit monitoring services to impacted people and it’s scanning the web, including the dark web, to ensure that the stolen data doesn’t surface. 

Related: Ransomware Revenue Plunged in 2022 as More Victims Refuse to Pay Up

Related: US Offering $10M Reward for Russian Man Charged With Ransomware Attacks

Related: Lacroix Closes Production Sites Following Ransomware Attack

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


The City of Oakland has disclosed a ransomware attack that impacted several non-emergency systems.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.


The personal and health information of more than 3.3 million individuals was stolen in a ransomware attack at Regal Medical Group.