Dick's Sporting Goods reveals cyberattack, shuts down employee emails
It doesn't appear to be ransomware, but the company has still shut down some systems
Dick’s Sporting Goods appears to have been caught with its pants down after suffering a cyberattack that resulted in the theft of sensitive company data.
The sporting goods store filed an 8-K form with the US Securities and Exchange Commission (SEC), notifying the regulator of a cybersecurity incident.
“On August 21, 2024, the company discovered unauthorized third-party access to its information systems, including portions of its systems containing certain confidential information,” Dick's said in the filing.
No disruptions
The company said it immediately activated its cybersecurity response plan after uncovering the incident, and said it had engaged with external cybersecurity experts to “investigate, isolate, and contain” the threat. The federal police have also been notified.
While Dick's did admit certain confidential information was accessed, it did not say exactly what it was, nor who it belongs to. Online chatter points to the data belonging to company members, but there is no confirmation yet.
At the same time, an anonymous source told BleepingComputer the company shut down its email systems and locked all employees out of their accounts. The IT department started manually validating employee identities via cameras, before granting them access to the emails again. The company allegedly told its employees that the access was barred due to “planned activity” and that they will be notified of further instructions by their team leaders. Phone lines also seem to have been shut down.
TechRadar Pro has reached out to Dick's and will update if we hear back.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Elsewhere in the filing, the company also said it has “no knowledge that this incident has disrupted business operations.” In other words, it continued working as usual while the data breach was happening, suggesting that this probably wasn’t a ransomware attack. It’s also worth mentioning that many ransomware operators don’t even bother deploying the encryptor, since it can extort the same amount of money by just threatening to leak stolen data. It’s cheaper, yet equally effective.
“The company's investigation of the incident remains ongoing,” the filing concludes. “Based on the company's current knowledge of the facts and circumstances related to this incident, the company believes that this incident is not material.”
Via The Register
More from TechRadar Pro
- A million airport parking customers affected in huge data breach
- Here's a list of the best firewall software around today
- These are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.