Dick's Sporting Goods reveals cyberattack, shuts down employee emails

News
By published

It doesn't appear to be ransomware, but the company has still shut down some systems

Image Credit: Lolloj / Shutterstock (Image credit: Image Credit: Lolloj / Shutterstock)
Jump to:

Dick’s Sporting Goods appears to have been caught with its pants down after suffering a cyberattack that resulted in the theft of sensitive company data.

The sporting goods store filed an 8-K form with the US Securities and Exchange Commission (SEC), notifying the regulator of a cybersecurity incident.

“On August 21, 2024, the company discovered unauthorized third-party access to its information systems, including portions of its systems containing certain confidential information,” Dick's said in the filing.

No disruptions

The company said it immediately activated its cybersecurity response plan after uncovering the incident, and said it had engaged with external cybersecurity experts to “investigate, isolate, and contain” the threat. The federal police have also been notified.

While Dick's did admit certain confidential information was accessed, it did not say exactly what it was, nor who it belongs to. Online chatter points to the data belonging to company members, but there is no confirmation yet.

At the same time, an anonymous source told BleepingComputer the company shut down its email systems and locked all employees out of their accounts. The IT department started manually validating employee identities via cameras, before granting them access to the emails again. The company allegedly told its employees that the access was barred due to “planned activity” and that they will be notified of further instructions by their team leaders. Phone lines also seem to have been shut down.

TechRadar Pro has reached out to Dick's and will update if we hear back.

Elsewhere in the filing, the company also said it has “no knowledge that this incident has disrupted business operations.” In other words, it continued working as usual while the data breach was happening, suggesting that this probably wasn’t a ransomware attack. It’s also worth mentioning that many ransomware operators don’t even bother deploying the encryptor, since it can extort the same amount of money by just threatening to leak stolen data. It’s cheaper, yet equally effective.

“The company's investigation of the incident remains ongoing,” the filing concludes. “Based on the company's current knowledge of the facts and circumstances related to this incident, the company believes that this incident is not material.”

Via The Register

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Mizuno USA says hackers were able to breach networks, steal data for months
Code Skull
Casio confirms data of 8,500 people exposed in recent ransomware attack
A person holding a credit card in one hand while typing on a laptop keyboard with the other.
Green Bay Packers online store used to steal fan credit card details
Red padlock open on electric circuits network dark red background
Newspaper printing across US hit after Lee Enterprises says “cybersecurity event” disrupted operations
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
Major breach hits employee screening firm - 3.3 million affected as hackers steal DISA data
Ransomware
Top cannabis brand Stiiizy says hackers got access to its systems
Latest in Security
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Coinbase targeted after recent Github attacks
hacker.jpeg
Key trusted Microsoft platform exploited to enable malware, experts warn
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Latest in News
Nikon Z5
The Nikon Z5 II could land soon – here's what to expect from Nikon's rumored entry-level full-frame camera
Google Pixel Watch 3
Google Pixel Watches hit with delayed notifications, crashing, and performance issues following Wear OS 5.1 update
Zendesk Relate 2025
Zendesk Relate 2025 - everything you need to know as the event unfolds
Disney Plus logo with popcorn
You can finally tell Disney+ to stop bugging you about that terrible Marvel show you regret starting
Google Gemini AI
Gemini can now see your screen and judge your tabs
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
More about security
An abstract image of digital security.

Fake file converters are stealing info, pushing ransomware, FBI warns
Microsoft

"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Nikon Z5

The Nikon Z5 II could land soon – here's what to expect from Nikon's rumored entry-level full-frame camera
See more latest
Most Popular
Nikon Z5
The Nikon Z5 II could land soon – here's what to expect from Nikon's rumored entry-level full-frame camera
Google Pixel Watch 3
Google Pixel Watches hit with delayed notifications, crashing, and performance issues following Wear OS 5.1 update
Frank Castle pinning Matt Murdock against a locker in Daredevil: Born Again episode 4
What time is Daredevil: Born Again episode 5 going to be released on Disney+?
AMD Ryzen 9950X
I analyzed 25 AMD Zen 4 and Zen 5 CPUs and the Ryzen 9 9900X is the best of them all right now: Here’s why
Ugreen \00d7 Genshin Impact Kinich Collectible Gift Box and exclusive Genshin Impact merchandise.
Ugreen reveals exclusive Genshin Impact collection and they're some of the most eye-catching charging products I've ever used
Zendesk Relate 2025
Zendesk Relate 2025 - everything you need to know as the event unfolds
Google Gemini AI
Gemini can now see your screen and judge your tabs
iFi iDSD Valkyrie in gold, on a beige desk
iFi's iDSD Valkyrie DAC wants to guide your music to the great hall of Valhalla
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
A fresh Samsung Galaxy S25 Edge leak hints at a 2K display and a titanium frame
Philips Hue
Philips Hue might be working on a video doorbell, and according to a new report, we just got our first look at it