The Story Behind Dish & Sling TV’s Security Breach That Infected Over 10,000 Computers & How Dish Responded




Over a month ago, Dish suffered a security break that knocked Dish’s website and others they owned offline. Now, Dish, Boost Mobile, Sling TV, and AirTV’s websites are all back online. This also includes Dish and Sling TV’s apps being back at 100%. But what happened, and how did Dish respond? Thanks to a Dish employee’s post on Reddit, we now know most of what happened, including the message that treated Dish employees when they turned on their computers.

According to the Dish employee, we now know what Dish did, and even though the employee didn’t confirm they worked for Dish but did confirm their parent company owns Blockbuster, which Dish owns in the Reddit post.

According to the report, Dish’s security breach started around 9 pm on the day of the attack. Overnight Dish worked hard to stop the attack and identified the infection but was unable to stop it from infecting over 10,000 windows PC. By 7:30 am, everything at Dish was shut down, and Dish was locked out including staff that was remote on Dish VPNs.

When Dish employees logged in, they found messages from the attackers informing them not to try and edit anything or their data will be corrupted.

According to Dish staff, the attack was targeting windows PC on the Dish network. The good news for Dish was that Macs running on the Dish network ended up being unaffected by this attack.

Dish reportedly declined to pay the ransom and instead rebuilt its services from backups. According to Dish employees, Dish went computer by computer to reimage them and rebuild its networks. Dish used saved backups of their servers to restore them and get them back online.

After the attack, Dish reportedly fired the company that was in charge of antivirus and security. According to Dish, well, it spotted the attack it failed to stop the attack.

Thankfully for Dish, it seems a few things saved the company. First, Dish had backups of its servers that did not get infected by the ransomware. Second, Dish used a double admin rights system that required a separate set of admin rights when installing something. It seems this second set of admin rights was not affected, allowing Dish to wipe its systems and restore to backups.

Attacks like this are very hard to stop. One employee making a mistake will open your company up to attacks like this. DISH was able to surprisingly quick get back online, considering the scale of the attack.

Disclaimer: To address the growing use of ad blockers we now use affiliate links to sites like, streaming services, and others. Affiliate links help sites like Cord Cutters News, stay open. Affiliate links cost you nothing but help me support my family. We do not allow paid reviews on this site. As an Amazon Associate I earn from qualifying purchases.

Subscribe to Our Newsletter

* indicates required

Please select all the ways you would like to hear from :

You can unsubscribe at any time by clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp’s privacy practices here.