DISH tells SEC that ransomware attack caused outages; personal info may have been stolen

Satellite broadcast giant DISH told the SEC on Tuesday that a ransomware attack is what caused “system issues” that occurred over the weekend

In an 8-K form filing, DISH confirmed rumors that they had been hit with ransomware, warning that on Monday they became aware that “certain data was extracted from the Corporation’s IT systems as part of this incident.”

They added that law enforcement was contacted after it was determined that “the outage was due to a cybersecurity incident.”

“It is possible the investigation will reveal that the extracted data includes personal information,” the company said. 

“The forensic investigation and assessment of the impact of this incident is ongoing. DISH, Sling and our wireless and data networks remain operational; however the Corporation’s internal communications, customer call centers and internet sites have been affected. The Corporation is actively engaged in restoring the affected systems and is making steady progress.”

An incident response firm has been hired and they are still investigating the attack, the company said. They reportedly informed investors of the outage on an earnings call on February 23. 

A DISH spokesperson told The Record that the attack affected their internal communications, customer call centers, and websites.

They added that they will contact customers if it is revealed that customer data was stolen during the attack. 

“As a result of this incident, many of our customers are having trouble reaching our service desks, accessing their accounts, and making payments,” the spokesperson said. 

Customers first noticed this weekend that the DISH website and multiple subsidiaries were experiencing problems. In addition to trouble accessing DISH websites and customer service channels, some customers said they could not log into certain channels using their DISH login information. Others complained of being unable to pay their bills due to the outages. 


Bleeping Computer, which was the first to report the rumors that it was a ransomware incident, claimed the Black Basta ransomware gang was behind the attack. 

The group has attacked several high-profile organizations in recent months after emerging in April 2022, including Canadian food giant Maple Leaf Foods, the American Dental Association and German wind farm operator Deutsche Windtechnik

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles

Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.