>
Dish Network has now confirmed that the cybersecurity incident earlier this week was in fact a ransomware attack.
After initially describing the disruption as an “internal system issue” and a “VPN issue,” the new public filing with the SEC sheds more light on the incident.
In the filing, the TV giant said the disruption was “due to a cybersecurity incident and notified the appropriate law enforcement agencies”, then describes expectations “regarding its ability to contain, assess the ransomware attack and to mitigate and the impact of the ransomware attack on the company’s employees, customers, business, operations or financial results.”
Dish data stolen
The filing also says the threat actors stole “certain data” from the company, possibly including personal information. However, Dish has not specified whether the information belongs to its customers, business customers, employees or a combination. It also did not specify how much data the hackers stole.
The report about the incident is still visible on Dish’s website, and while it claims that Dish, Sling and wireless and data networks “remain operational,” the media reported that at least some of its customers have not been able to access the TV service since last Thursday. could use .
Customer call centers and internal sites are still offline. Employees were told not to log into corporate VPNs and services, meaning they can’t work. At the time of writing, it was still unknown when Dish’s employees would return to work.
A ransomware group has yet to claim responsibility for the attack or put data up for auction or sale. This could also mean that the attackers are currently negotiating their ransom demand, or simply waiting for the timer to run out before posting their loot online.
Although it is impossible to confirm the identity (opens in new tab) of the group behind the attack at this point, Beeping computer (opens in new tab) has said his sources told him it was Black Basta who was interfering with Dish’s services.
Through: TechCrunch (opens in new tab)