Security News > 2023 > May > Dish Network likely paid ransom after recent ransomware attack
Dish Network, an American television provider, most likely paid a ransom after being hit by a ransomware attack in February based on the wording used in data breach notification letters sent to impacted employees.
Ransomware gangs only delete data or provide a decryption key after a ransom is paid, meaning that is highly unlikely that Dish could receive confirmation that the stolen data was deleted without paying.
Past incidents have demonstrated that victims who paid ransoms were subsequently subjected to further extortion weeks later, had their data sold to other threat actors, or had it leaked on data leak sites.
BleepingComputer reached out to a Dish Network spokesperson to confirm if they paid the ransom but a response was not immediately available.
Although the specific ransomware gang responsible for the incident remains unnamed by the company, BleepingComputer was told by credible sources that the notorious Black Basta ransomware operation orchestrated the assault, initially breaching Boost Mobile before infiltrating the Dish corporate network.
Dish Network has yet to respond to numerous BleepingComputer inquiries sent via email, seeking more details regarding the outage and the underlying ransomware attack.
News URL
Related news
- Critical SonicWall SSLVPN bug exploited in ransomware attacks (source)
- NoName ransomware gang deploying RansomHub malware in recent attacks (source)
- Port of Seattle hit by Rhysida ransomware in August attack (source)
- AutoCanada says ransomware attack "may" impact employee data (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Embargo ransomware escalates attacks to cloud environments (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Casio confirms customer data stolen in a ransomware attack (source)