Dish Network Confirms Ransomware Behind Multi-Day Network Shutdown
TV broadcasting and customer support have not been functioning properly for almost a week.
Dish Network, an American satellite broadcast provider and television giant, recently confirmed on its official website that it was the ransomware attack that caused the company’s networks to shut down for many days.
The outage affected Dish.com, the Dish Anywhere app, Boost Mobile (a subsidiary owned by Dish Wireless), and other websites and networks owned and operated by Dish Network. Many customers have also reported that the company’s support phone numbers are unavailable.
Dish Network representatives reportedly initially claimed that the failure was due to VPN– a service used throughout the company. However, recently the company filed application on Form 8-K to the U.S. Securities and Exchange Commission (SEC), where she described “that the failure occurred due to a cybersecurity incident, and the relevant law enforcement agencies have already been notified.”
Dish Network also confirmed that the attackers stole data from its compromised systems (potentially containing personal information), but did not mention whether it belonged to its employees or customers.
“On February 27, 2023, the Corporation became aware that certain data was extracted from Dish Network’s internal IT systems as part of this incident. It is possible that during the course of the investigation it will be found that the extracted data includes personal information.” reported on the official website of the company.
For now, the Dish Network website is still only partially operational:
Message on the official website of the company (translated into Russian)
Although the Dish Network did not name the specific ransomware gang behind the incident, sources say that the Black Basta group may be involved in the incident, which, using their malicious software, first hacked Boost Mobile, and then the Dish corporate network.
It is likely that Dish Network representatives will reveal more detailed and accurate information later, when the official investigation is completed, and the consequences of the hack will be eliminated. Judging by the duration of the failure, the company did not pay the ransom money to the attackers, following recent trends .