Dish Network, a U.S. satellite television provider, confirmed that a ransomware attack has been responsible for an ongoing outage. The company warned that intruders had exfiltrated data from its networks. In the wake of the multi-day outage, which was confirmed by Dish only on Monday, Dish’s main website, apps, support services, and the company’s Sling TV streaming and wireless services are all affected. After Dish initially blamed the outage on internal systems issues in a public filing posted Tuesday, first spotted by Bleeping Computer, the company has now said it has determined that the outage was caused by a cyber-security incident and notified the law enforcement authorities.
There is also a statement in the filing that states that the filing is related to the company’s expectations regarding the extent of the ransomware attack and its impact on its employees, customers, business, operations, or financial results. During the filing, Dish said that the attackers had extracted “certain data” from its IT systems and that this data may have included personal information. It is unclear whether this personal information belongs to Dish employees, customers, or both and the extent of the data theft. As part of its streaming, satellite TV, and other services, Dish has about 10 million subscribers worldwide. While the organization is still assessing the impact of this incident, it claims that its Dish, Sling, wireless, and data networks are still operational. In contrast, it assesses the full scope of the incident. There is also a problem with the website of Dish Network.
Dish also stated Tuesday that its internal communications, customer call centers, and internal websites remain down due to the incident. Employees have been told they cannot log into Dish-issued devices or corporate VPNs, preventing them from performing their duties. It has been reported that employees have not been informed or told when they will return to work. The attackers of the breach are still unidentified, and no major ransomware group has yet claimed responsibility for the attack, which is a major security breach. According to sources, the Black Basta ransomware gang may be behind the attack, and the Black Basta ransomware gang first breached the Boost Mobile network, then the Dish network.
It is becoming increasingly clear that Dish was hit by a potentially destructive cyberattack, such as ransomware, as evidenced by the internal email obtained by The Verge advising employees not to use Dish-issued laptops if they have been connected to the company network or its VPN, which allows employees to access internal systems remotely. Those who work from home have been told to refrain from logging in to their VPN, which effectively prevents them from being able to work.
