Satellite TV giant Dish Network has started notifying the individuals whose data was compromised in a recent ransomware attack.
The company informed the Maine Attorney General about the data breach last week and shared a copy of the notification letter sent to impacted people. Dish told authorities that the incident impacted more than 296,000 individuals.
The notification letter reveals that while there is no evidence of customer databases being accessed by hackers, the stolen data does include employee-related records and personal information. This includes former employees and their family members.
The security incident came to light in late February, when various Dish services, including its websites and applications, became inaccessible. The company later confirmed that the outage was caused by a ransomware attack and admitted that personal information may have been stolen.
“We are not aware of any misuse of your information, and we have received confirmation that the extracted data has been deleted,” Dish is now telling impacted individuals.
The fact that it has received confirmation of the stolen data being deleted suggests that it has paid a ransom to the cybercriminals.
If — as reported — the Russia-linked BlackBasta ransomware group is behind the attack, paying the ransom would explain why Dish has not been named on the cybercriminals’ leak website.
SecurityWeek has reached out to the company for comment and will update this article if it responds.
In the letter sent to customers, Dish noted that while it has no evidence of personal data being misused, it’s still offering credit monitoring services to impacted people and it’s scanning the web, including the dark web, to ensure that the stolen data doesn’t surface.
Related: Ransomware Revenue Plunged in 2022 as More Victims Refuse to Pay Up
Related: US Offering $10M Reward for Russian Man Charged With Ransomware Attacks
Related: Lacroix Closes Production Sites Following Ransomware Attack
