IE 11 is not supported. For an optimal experience visit our site on another browser.

Dish Network still reeling from week-old ransomware attack

“We are experiencing a system issue that our teams are working hard to resolve,” said a message on Dish’s main page.
A Dish Network Corp. field service specialist during an installation of a satellite television system at a residence in Paramount, Calif., on Nov. 3, 2015.
A Dish Network Corp. field service specialist during an installation of a satellite television system at a residence in Paramount, Calif., on Nov. 3, 2015.Patrick T. Fallon / Bloomberg via Getty Images
/ Source: The Associated Press

BOSTON — The TV provider Dish Network continued to recover Wednesday from a ransomware attack last week that it said disrupted operations, internet sites and call centers. It said unspecified data was stolen and it was investigating whether that included the personal information of customers.

“We are experiencing a system issue that our teams are working hard to resolve,” said a message on Dish’s main page. A separate notice to customers said many were “having trouble reaching our service desks, accessing their accounts, and making payments.” Dish TV was up and running, it added.

As with many victims of ransomware, Dish did not immediately acknowledge the outage’s cause when announcing it on a Feb. 23 earnings call. Instead, it did so in a filing with the Securities and Exchange Commission on Tuesday.

The Colorado-based company’s stock price has fallen 20% since it first reported the incident.

Dish did not respond to detailed questions about the ransomware attack including which criminal group was behind it, how much ransom was demanded and whether the company paid. Nor did it say how long the attackers were inside its network.

Ransomware gangs, which largely operate out of Russia, break into networks and sow malicious code. Before the criminals activate the ransomware, which paralyzes infected machines by encrypting data, they steal files. That increases their chances of obtaining extortion payments and helps explain why ransomware has become the leading global cybersecurity headache.

In an email Wednesday responding to questions from The Associated Press, Dish did not say when it expected to fully recover.

Instead, it sent the notice it had posted online, which said it discovered Monday that some data had been stolen. “It’s possible the investigation will reveal that the extracted data includes personal information.”

“The security of our customers’ data is important to us, and if we learn that information was compromised, we’ll take the appropriate steps and let any impacted customers know,” the notice added.

As of Dec. 31, Dish said it had 7.4 million satellite TV subscribers with 9.7 million PAY-TV and 2.3 million Sling TV subscribers. It also reported 8 million wireless subscribers.