U.S. satellite tv for pc tv large Dish has confirmed that hackers stole the private data of virtually 300,000 people throughout a February ransomware attack.
In a data breach notification filed with Maine’s lawyer basic final week, Dish stated that whereas buyer databases have been unaffected by the incident, hackers accessed lots of of hundreds of employee-related data throughout the cyberattack. Dish, which presently employs round 16,000 folks, stated that former staff, staff’ relations and a “restricted variety of different people” have been affected by the breach.
This long-awaited knowledge breach discover comes months after Dish confirmed that hackers had exfiltrated knowledge from its techniques throughout the cybersecurity incident without revealing whether or not prospects or staff have been affected.
Dish’s knowledge breach notification confirms that hackers additionally accessed driver’s license numbers and different types of identification. When reached by TechCrunch, Dish spokesperson Edward Wietecha declined to remark or verify what kinds of knowledge have been accessed.
In its letter despatched to these affected, Dish notes that it has “acquired affirmation that the extracted knowledge has been deleted.” It’s not unusual for affected organizations to pay a ransom to restrict the unfold of stolen knowledge, notably in double-extortion schemes, whereby hackers threaten to publish stolen knowledge if a fee isn’t made. Researchers have lengthy famous that ransomware gangs don’t at all times delete the stolen knowledge as claimed.
Dish has additionally not but been added to the darkish net leak website of the Russia-linked Black Basta ransomware gang — allegedly behind the cyberattack — one other signal that the corporate might have negotiated with the attackers. Black Basta can also be stated to be behind the recent attack on British outsourcing giant Capita.
When requested, Dish’s spokesperson wouldn’t say if the corporate had paid a ransom however didn’t dispute the declare.
Dish’s ransomware incident first got here to gentle in late February after prospects complained a few extended outage that prevented them from accessing streams, companies or their accounts. Whereas Dish confirmed that ransomware was the reason for the multi-day outage days later, TechCrunch discovered that the corporate had saved each customers and employees in the dark about the incident and the protection of their knowledge.