DISH Network Corporation learned on February 27, 2023, that the recent incident involved the extraction of certain data from the Corporation’s IT systems. The inquiry potentially shows that the data that’s been extracted contains personal information.
“It is possible the investigation will reveal that the extracted data includes personal information”, In the SEC filing, Dish Network stated.
Dish Network has now acknowledged that a multi-day network and service disruption that began on Friday was caused by a ransomware attack.
On February 23, 2023, DISH Network disclosed that there had been a network outage that had impacted internal servers and IT telephony.
In order to contain, evaluate, and fix the problem, the Corporation promptly activated its incident response and business continuity strategies.
To aid in the assessment of the problem, independent advisors and cyber-security specialists were hired. The Corporation has informed the appropriate law enforcement authorities after determining that the outage was caused by a cyber-security incident.
“The Corporation has determined that the outage was due to a cyber-security incident and notified appropriate law enforcement authorities”, Dish Network.
Impact of the Incident
According to the reports, the impact of this incident is still being evaluated as part of the forensic investigation.
DISH, Sling, and its wireless and data networks continue to function; however internal communications, customer call centers, and internet sites for the Corporation have been impacted.
The company said it is “actively engaged in restoring the affected systems and is making steady progress”.
Dish[.]com, the Dish Anywhere app, Boost Mobile (a Dish Wireless subsidiary), and other Dish Network-owned and -operated websites and networks were all affected by this massive outage. Consumers have also complained that it was unable to reach the company’s call center by phone.
Dish Network’s website is still experiencing issues and is only partially operational. The firm openly proclaims at the top of the webpage that “We are experiencing a system issue that our teams are working hard to resolve.”
After reports of a potential hack began to spread, shares of Dish Networks have been declining. Dish Network did not identify the ransomware gang responsible for the assault; however, insiders have told BleepingComputer that the attack was carried out by the Black Basta ransomware operation, which first compromised Boost Mobile and subsequently the Dish corporate networks.
Also, the Company’s Windows domain controllers were compromised during the early-morning attack on February 23, and after that, VMware ESXi servers and backups were encrypted.
Network Security Checklist – Download Free E-Book