WebProNews

Ransomware Survival 101: Don’t Follow Dish Network’s Playbook

DISH Network

Dish Network customers are still in limbo, with few answers weeks after the company was crippled by ransomware.

Dish began experiencing major issues with its website, internal systems, and customer portal going offline in late February. Roughly a week later, the company admitted to suffering a massive ransomware attack, one that crippled operations and resulted in the theft of customer data.

According to TechCrunch, Dish customers still have no idea what is going on, with many of them unable to access customer support, pay their bills, or get any kind of useful information.

In fact, a number of customers have had their service disconnected because they have been unable to log into the customer portal to pay their bills. Others are already experiencing voice and email phishing attempts as hackers try to exploit the lack of information from Dish to take advantage of customers looking for answers.

Company spokesperson Edward Wietecha told TechCrunch that “customers are having trouble reaching our service desks, accessing their accounts, and making payments.” When asked if the company was disconnecting users, Wietecha added that “customers who had their service temporarily suspended for nonpayment received additional time until our payment systems were restored.”

In addition to the trouble Dish’s own customers are having, there is potential for the problem to be much worse and extend beyond Dish’s roughly 10 million customers. A former Dish retailer told TechCrunch that the company retains a veritable treasure trove of customer data from anyone who has ever signed up for Dish service, including those who never became customers because they didn’t pass the credit check. The information includes “customer names, dates of birth, email addresses, telephone numbers, Social Security numbers, and credit card information.” What’s more, it appears that Dish’s policy is to retain the information indefinitely.

Overall, Dish is providing a case study of how not to handle a ransomware attack for any company that wants to come out the other side still having customers.