Dish Facing Class-Action Lawsuits in Aftermath of Ransomware Attack
Dish's stock dropped 6.5% after it confirmed the ransomware attack and said personal information was stolen.
Dish Network now faces at least two shareholder class-action lawsuits in response to a widespread outage the company attributes to a ransomware attack. Personal information was likely stolen by the malicious hacker(s).
Bragar Eagel & Squire, and Bernstein Liebhard filed the class-action lawsuits in the U.S. District Court for the District of Colorado. The suits are on behalf of investors who bought or otherwise acquired Dish securities between Feb. 22, 2021, and Feb. 27, 2023.
Bernstein Liebhard’s class-action lawsuit also alleges violations of the Securities Exchange Act of 1934.
Throughout the class period, Dish made materially false and misleading statements regarding the company’s business, operations and prospects, Bragar Eagel & Squire said.
In a U.S. Securities and Exchange Commission (SEC) filing, Dish said the network outage affected internal servers and IT telephony. It also said the threat actor(s) extracted certain data from its IT systems.
Customers Still Don’t Know if Their Personal Information was Stolen
Over the weekend, the Wall Street Journal reported Dish is still working to get all of its operations up and running. Customers said they are still struggling to access certain services such as HBO Max and other third-party streaming services, access their accounts and reach customer-service call centers. In addition, customers are waiting for updates on whether their personal information was compromised.
We couldn’t reach Dish for comment on the lawsuits. Its website no longer details any issues stemming from the cyberattack.
On Feb 24, Dish announced that a “network outage” caused the company’s websites and apps to cease functioning. That subjected customers to authentication issues when signing into TV channel apps using their Dish credentials, and appeared to render the company’s call center phone numbers unreachable, according to the lawsuits.
Then, on Feb. 28, Dish confirmed it had “determined that the outage was due to a cybersecurity incident and notified appropriate law enforcement authorities,” adding that the “threat agent” behind the ransomware attack stole data from Dish’s compromised systems, potentially containing personal information, the lawsuits said.
Subsequent Stock Performance
Dish’s stock price subsequently fell 6.5%, closing at $11.41 per share on Feb. 28.
“As a result of defendants’ wrongful acts and omissions, and the precipitous decline in the market value of the company’s securities, plaintiff and other class members have suffered significant losses and damages,” Bragar Eagel & Squire said.
According to the class-action lawsuits, Dish allegedly:
Overstated its operational efficiency and maintained a “deficient” cybersecurity and IT infrastructure.
As a result, Dish was unable to properly secure customer data, leaving it vulnerable to access by malicious third parties.
The foregoing cybersecurity deficiencies also both rendered Dish’s operations susceptible to widespread service outages and hindered the company’s ability to respond to such outages.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author
You May Also Like