Satellite TV giant Dish Network has started notifying the individuals whose data was compromised in a recent ransomware attack.
The company informed the Maine Attorney General about the data breach last week and shared a copy of the notification letter sent to impacted people. Dish told authorities that the incident impacted more than 296,000 individuals.
The notification letter reveals that while there is no evidence of customer databases being accessed by hackers, the stolen data does include employee-related records and personal information. This includes former employees and their family members.
The security incident came to light in late February, when various Dish services, including its websites and applications, became inaccessible. The company later confirmed that the outage was caused by a ransomware attack and admitted that personal information may have been stolen.
“We are not aware of any misuse of your information, and we have received confirmation that the extracted data has been deleted,” Dish is now telling impacted individuals.
The fact that it has received confirmation of the stolen data being deleted suggests that it has paid a ransom to the cybercriminals.
If — as reported — the Russia-linked BlackBasta ransomware group is behind the attack, paying the ransom would explain why Dish has not been named on the cybercriminals’ leak website.
SecurityWeek has reached out to the company for comment and will update this article if it responds.
In the letter sent to customers, Dish noted that while it has no evidence of personal data being misused, it’s still offering credit monitoring services to impacted people and it’s scanning the web, including the dark web, to ensure that the stolen data doesn’t surface.
Related: Ransomware Revenue Plunged in 2022 as More Victims Refuse to Pay Up
Related: US Offering $10M Reward for Russian Man Charged With Ransomware Attacks
Related: Lacroix Closes Production Sites Following Ransomware Attack
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
- Verizon 2023 DBIR: Human Error Involved in Many Breaches, Ransomware Cost Surges
- Google Patches Third Chrome Zero-Day of 2023
- Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations
- Cybersecurity M&A Roundup: 36 Deals Announced in May 2023
- In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack
- Apple Denies Helping US Government Hack Russian iPhones
Latest News
- KeePass Update Patches Vulnerability Exposing Master Password
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Keep Aware Raises $2.4M to Eliminate Browser Blind Spots
- Google Workspace Gets Passkey Authentication
- Cybersecurity Startup Elba Raises €2.5 Million for Employee-Focused Product
- Zoom Expands Privacy Options for European Customers
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
- Apple Unveils Upcoming Privacy and Security Features
