DISH Customers Left in the Dark Weeks After Cyberattack

DISH customers continue to face issues as the American TV and satellite broadcast provider reels from the cyberattack that wreaked havoc over two weeks ago. Customers still encounter problems accessing their DISH accounts and services, and are still in the dark as to whether their personal data was compromised in the attack. However, the network service provider has yet to provide a significant response to these concerns.

Speaking to DISH customers, TechCrunch reported that it “heard from customers that still have no access to DISH, or services through its subsidiaries like Boost Mobile.” Some users also complained about being unable to contact the customer support staff, while others said “they have been affected by email and voice phishing attacks exploiting the uncertainty around the Dish incident.” Users have also been locked out of their accounts and payment services, leading to the disconnection of their DISH services.

Edward Wietecha, a DISH spokesperson, addressed the issue while speaking to TechCrunch and confirmed these issues were reported by customers ever since the cyberattack. Wietecha added, "customers who had their service temporarily suspended for nonpayment received additional time until our payment systems were restored.” However, no comment was made on whether customer data was compromised in the attack.

Worryingly, a former DISH employee has stated that the service provider indefinitely stores critical customer information such as names, email addresses, phone numbers, Social Security Numbers, and payment information, all of which could have been exposed by the ransomware attack. This includes past and present customers — even prospective customers that did not pass DISH’s initial credit check.

As confirmed through a public filing on February 28th, the cyberattack caused a network outage that affected DISH’s internal servers and systems. As reported by the BleepingComputer, the outage spread across “Dish.com, the DISH Anywhere app, Boost Mobile (a subsidiary owned by DISH Wireless), and other websites and networks operated by DISH Network”.

Sources told BleepingComputer the hackers compromised DISH’s Windows domain controllers and then encrypted its VMware ESXi servers and backups. However, at the time of writing, these sources could not be verified and no ransomware gang or individual has come forward to claim responsibility for the attack.