Dish: Someone snatched our data, if you're wondering why our IT systems went down

Dish has confirmed what everyone was suspecting, given the ongoing downtime experienced by some of its systems, that the US telco was hit by criminal hackers.

In a filing today to America's financial watchdog about the snafu, Dish confirmed "the outage was due to a cyber-security incident," though it didn't share any details as to what the incident was, nor did the broadband biz directly answer our questions to that end when asked. 

Dish said it had notified the appropriate law enforcement authorities and was conducting an investigation into the intrusion, which was initially disclosed to shareholders during the company's February 23 Q4 earnings call. Dish told us the call was the same day as the cyber incident. 

Now stretching into its sixth day, the outage has reportedly affected Dish's internal communications, customer call centers, and internet sites. The phone line to the company's corporate comms team has been busy each time we tried to call, we note. Dish's television network and its other services, including its Sling streaming service "and our wireless and data networks," remain operational, the telco said. 

Some Dish employees who work remotely have been unable to access their work systems, as the company's VPN service and other work tools are said to remain offline. 

Data was stolen, but no one'll say ransomware

Dish is being tight-lipped about what exactly happened in its network last week, and speculation has been rampant that it was hit by a ransomware attack.

Without an actual statement from Dish, or internal information that The Register could verify, it falls to speculation to determine whether ransomware was the cause of Dish's troubles, but luckily the corporation included one tidbit that could point to such: the culprits did make off with some data.

"On February 27, 2023, the Corporation became aware that certain data was extracted from the Corporation's IT systems as part of this incident," Dish said. Leaving the door as open as it possibly could, the company added that "it is possible the investigation will reveal that the extracted data includes personal information," though whether that's customer or employee info is unclear, and Dish didn't answer that question either.

"The security of our customers' data is important to us, and if we learn that information was compromised, we'll take the appropriate steps and let any impacted customers know," a Dish spokesperson told us in an emailed statement. 

• Dish multi-day outage rolls on as ransomware fears grow
• US Marshals Service leaks 'law enforcement sensitive information' in ransomware incident
• Lufthansa flights grounded by major IT snafu, 'construction work' blamed
• What's up with IT, Doc? Rabbit hole reveals cause of outage

Whether or not Dish was hit with ransomware, it's unlikely to pull free from this kerfuffle anytime soon. Dish stock dropped nearly six percent today on its admission of a cybersecurity kerfuffle, and a near-simultaneous announcement that Bank of America double-downgraded Dish stock from buy to underperform, and cut its price target from $30 to $10 - lower than its value of $11 at time of writing. BoA did say that its downgrade wasn't directly related to the outage, and was instead based on the company's balance sheet and the future of its 5G services.

Dish also said in its annual report that it lost more than 200,000 Dish TV subscribers in the final three months of the year.

"Any deterioration in our operational performance and subscriber satisfaction could adversely affect our business, financial condition and results of operations," it reported. ®