In February of this year, the US satellite TV provider Dish experienced a significant hack in which unauthorized individuals were able to access and leak Dish data. The hack left the telephone system, internal IT, and websites offline for several days, causing issues with activating new services and preventing existing customers from making payments. Dish has now admitted over 296,000 customer’s personal information was stolen, including ID cards and driver’s licenses.
While most customers have not been affected, current and former employees, their families, and a “limited number of other individuals” have been impacted. To try and calm those affected, Dish has offered two years of free credit monitoring, which will include credit monitoring and scanning the dark web for any signs of illegal usage. The company also claims to have received confirmation that the stolen data has been deleted, although it is unclear who confirmed this.
It has been suggested that Dish may have paid a ransom to the perpetrator of the hack, as they have made no reference to any law enforcement involvement in the matter. However, paying a ransom is illegal under US law, particularly if the payment goes to countries or individuals on sanctions lists. Dish has not confirmed whether they went through the proper channels to get approval for any potential ransom payment.
While Dish has attempted to reassure its customers that their information is safe, incidents like these highlight the importance of proper cybersecurity protocols for all companies, big or small. With cyber-criminals becoming increasingly sophisticated, it is more crucial than ever to have robust security measures in place to prevent data breaches and other malicious activity.
