Dish says a ransomware gang stole nearly 300,000 employee records

US satellite TV giant Dish has confirmed that hackers stole the personal information of nearly 300,000 people during a ransomware attack in February.

in a data breach notification Filed with the Maine attorney general last week, Dish said that while customer databases were not affected by the incident, hackers accessed hundreds of thousands of employee-related records during the cyberattack. Dish, which currently employs about 16,000 people, said former employees, family members of employees and a “limited number of other people” were affected by the leak.

This long-awaited data breach notice comes months after Dish confirmed that hackers had extracted data from its systems during the cybersecurity incident without disclosing whether customers or employees were affected.

Dish’s data breach notification confirms that the hackers also accessed driver’s license numbers and other forms of identification. When contacted by TechDigiPro, Dish spokesman Edward Wietecha declined to comment or confirm what type of data was accessed.

In its letter sent to those affected, Dish states that it has “received confirmation that the extracted data has been deleted.” It is not uncommon for affected organizations to pay a ransom to limit the spread of stolen data, particularly in double extortion schemes, in which hackers threaten to publish the stolen data if payment is not made. Researchers have long noticed that ransomware gangs don’t always delete stolen data as they claim.

Dish has also not yet been added to the dark web leak site of the Russia-linked Black Basta ransomware gang, allegedly behind the hack, another sign the company may have negotiated with the attackers. Black Basta is also said to be behind the recent attack on British outsourcing giant Capita.

When asked, the Dish spokesperson would not say whether the company had paid a ransom, but did not dispute the claim.

The Dish ransomware incident first came to light in late February after customers complained of a lengthy outage that prevented them from accessing streams, services or their accounts. While Dish confirmed that ransomware was the cause of the multi-day outage days later, TechDigiPro learned that the company had been keeping customers and employees in the dark about the incident and the security of their data.

Disclaimer: All the content or information on this article is given for only educational purposes.


Scroll to Top