Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Dish Ransomware Attack Impacted Nearly 300,000 People

Satellite TV giant Dish Network says the recent ransomware attack impacted nearly 300,000 people and its notification suggests a ransom has been paid.

Dish Network

Satellite TV giant Dish Network has started notifying the individuals whose data was compromised in a recent ransomware attack.

The company informed the Maine Attorney General about the data breach last week and shared a copy of the notification letter sent to impacted people. Dish told authorities that the incident impacted more than 296,000 individuals.

The notification letter reveals that while there is no evidence of customer databases being accessed by hackers, the stolen data does include employee-related records and personal information. This includes former employees and their family members. 

The security incident came to light in late February, when various Dish services, including its websites and applications, became inaccessible. The company later confirmed that the outage was caused by a ransomware attack and admitted that personal information may have been stolen.

“We are not aware of any misuse of your information, and we have received confirmation that the extracted data has been deleted,” Dish is now telling impacted individuals.

The fact that it has received confirmation of the stolen data being deleted suggests that it has paid a ransom to the cybercriminals. 

If — as reported — the Russia-linked BlackBasta ransomware group is behind the attack, paying the ransom would explain why Dish has not been named on the cybercriminals’ leak website.

SecurityWeek has reached out to the company for comment and will update this article if it responds.

Advertisement. Scroll to continue reading.

In the letter sent to customers, Dish noted that while it has no evidence of personal data being misused, it’s still offering credit monitoring services to impacted people and it’s scanning the web, including the dark web, to ensure that the stolen data doesn’t surface. 

Related: Ransomware Revenue Plunged in 2022 as More Victims Refuse to Pay Up

Related: US Offering $10M Reward for Russian Man Charged With Ransomware Attacks

Related: Lacroix Closes Production Sites Following Ransomware Attack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Ransomware

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Data Breaches

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups. 

Ransomware

Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.

Ransomware

Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers.

Ransomware

Johnson Controls has confirmed being hit by a disruptive cyberattack, with a ransomware group claiming to have stolen 27Tb of information from the company.