Yahoo Autos Dish customers kept in the dark as ransomware fallout continues
Dish customers are still looking for answers two weeks after the U.S. satellite television giant was hit by a ransomware attack.
In a public filing published on February 28, Dish confirmed that ransomware was to blame for an ongoing outage and warned that hackers exfiltrated data, which “may” include customers’ personal information, from its systems.
Dish hasn’t provided a substantive update since, despite customers continuing to experience issues — or know if their personal data is at risk.
TechCrunch has heard from customers that still have no access to Dish, or services through its subsidiaries like Boost Mobile. Others say they have been unable to contact Dish customer services since the incident began two weeks ago. We have heard from others who say they have been affected by email and voice phishing attacks exploiting the uncertainty around the Dish incident, and TechCrunch has also heard of customers saying their Dish services were disconnected due to ongoing issues at the company, meaning the customers were unable to pay their bill.
In a statement given to TechCrunch on Wednesday, Dish spokesperson Edward Wietecha said that “customers are having trouble reaching our service desks, accessing their accounts, and making payments.” When asked whether Dish was disconnecting customers, Wietecha added that "customers who had their service temporarily suspended for nonpayment received additional time until our payment systems were restored."
Dish declined to share more details on what customer data was accessed during the incident, with Wietecha telling TechCrunch that “these types of investigations take time.” Instead, Wietecha shared almost an exact copy of the company's statement that has barely changed since it was first published.
TechCrunch also heard that the impact of the breach could extend far beyond Dish’s 10 million-or-so customers. A former Dish retailer told TechCrunch that Dish retains a wealth of customer information on its servers, including customer names, dates of birth, email addresses, telephone numbers, Social Security numbers and credit card information. The person said that this information is retained indefinitely, even for prospective customers that didn’t pass Dish’s initial credit check.
