The US-based television company Dish Network appears to have paid a ransom to cyber attackers who breached its systems and carried out extortion in February. Employees were sent letters saying that the perpetrators had confirmed that data had been removed, usually only done following payment of a ransom. However, payment does not guarantee the removal of stolen data and it has previously resulted in victims being subjected to further blackmail. Dish Network has since confirmed that customer data was not affected but confidential records and sensitive information regarding current and former employees and their families were compromised. It has been reported that 296,851 people were affected. While Dish Network did not name the Black Basta group as the attackers, reliable sources suggest they were responsible.
The attack was launched following access to Boost Mobile, a Dish Network subsidiary, before moving on to the main corporate network. VMware ESXI, a virtual infrastructure creation and management tool used by many companies, was among the systems affected.