A broad cyberattack was responsible for a multi-day outage affecting the websites, customer service lines and other elements of Dish Network’s internal and external services, the company affirmed in a statement on Tuesday.
The issue began Thursday, just before Dish was set to report its quarterly earnings. The attack took down Dish’s customer-facing website as well as that of its wireless phone subsidiary Boost Mobile. The website of Sling TV was unaffected, and both Dish and Sling TV continued to provide television service during the outage.
During the outage — which continued on Tuesday — Dish and Boost customers were unable to pay their bills, change their plans, contact customer service or cancel their service. Employees of Dish were told to not use company-connected computers or attempt to connect to its internal virtual private network, or VPN.
The Desk was the first to report the outage last week. At the time, a source familiar with the issue downplayed its severity, saying it did not appear to be the result of a cybersecurity attack or related incident. But others contacted The Desk refuting this, including a former employee who said they were told that the incident was an external cyberattack.
On Tuesday, Dish affirmed that the incident was related to a cybersecurity breach, one that the company is still working to address.
“On February 23, we experienced a cybersecurity incident that has affected some of our internal communications, customer call centers, and internet sites,” a Dish Network spokesperson said. “We immediately activated our incident response and business continuity plans to contain, assess and remediate the situation. We retained the services of cybersecurity experts and outside advisors to assist in the evaluation of the situation, and we notified appropriate law enforcement authorities.”
The spokesperson confirmed that the cyberattack may have extended to personal information of customers, but that the company’s investigation is still working to determine what systems were impacted and what data might have been stolen.
“The security of our customers’ data is important to us, and if we learn that information was compromised, we’ll take the appropriate steps and let any impacted customers know,” the spokesperson continued. “We’re making progress on the customer service front every day, including ramping up our call capacity, but it will take a little time before things are fully restored. Our Dish TV, Sling TV, Wireless services, and data networks continue to operate and are up and running.”
Customers who were unable to pay their bills due to the outage won’t be charged late fees, nor will their service be interrupted. The company didn’t offer any information on when the outage might be resolved.
Dish is at least the fourth media or broadcast company to be hit with a cyberattack in the last two years. In late January, a ransomware attack crippled computer systems used by Skyview Networks, which impacted that company’s ability to provide syndicated radio programming and news bulletins to hundreds of radio stations in the United States.
Late last year, a cybersecurity incident impacted streaming television service Fubo TV during the World Cup soccer tournament, leaving some customers unable to watch certain matches that were being aired on Fox and Telemundo.
In June 2021, a ransomware attack against several Cox Media-owned broadcast stations made it difficult for local news broadcasts to air.