Satellite Broadcaster and TV behemoth Dish Network said the multi-day network and service disruption began on Friday because of a ransomware attack. Reports revealed that this significant outage affected several Dish Network websites and networks, including Dish.com, the Dish Anywhere app, Boost Mobile (a Dish Wireless subsidiary), and others. Customers have also complained that they could not reach the company’s call center by phone.
According to The Verge, Dish Network first attributed the network and service disruption to VPN problems. However, a note written internally to Dish staff members indicated that the disruption “was caused by an outside bad actor, a known threat agent.” In an 8-K form filed with the U.S. Securities and Exchange Commission (SEC), Dish Network said that it “determined that the outage was due to a cyber-security incident and notified appropriate law enforcement authorities.”
The company noted that the filed information related to their “expectations regarding its ability to contain, assess and remediate the ransomware attack and the impact of the ransomware attack on the Corporation’s employees, customers, business, operations or financial results.” Dish Network also acknowledged that the threat actors obtained information (perhaps comprising personal data) from its breached networks. However, it did not specify if the information belonged to its staff, clients, or both.
According to the company, the Corporation learned on February 27, 2023, that this event involved extracting specific data from the Corporation’s IT systems. The inquiry will probably show that the data taken contains personal information. Dish Network’s website is still having issues and is only partially operational. The firm boldly advertises at the top of the webpage, “We are experiencing a system issue that our teams are working hard to resolve.”
Unfortunately, Dish Network staff members claim they have been kept in the dark about what is happening and that the corporation hasn’t given them much information. Dish Network hasn’t provided any additional information besides stating that it hired “the services of cyber-security experts and outside advisors” and informed the appropriate law enforcement authorities about the attack, which may be because an investigation into the ransomware attack is still ongoing.
According to sources, Boost Mobile and the Dish corporate network were initially compromised by the Black Basta ransomware operation, even though Dish Network declined to identify the ransomware gang responsible for the incident. Furthermore, several reports revealed that the incident occurred early on February 23. The attackers accessed the company’s Windows domain controllers before encrypting VMware ESXi servers and backups.
The media have not independently verified this information, and no ransomware group has taken ownership of the attack. Multiple emails to Dish Network asking for further details on the outage and the ransomware attack that caused it has not received a response.