The DISH Network has been experiencing an outage that began last Thursday, February 23, 2023. It's now Monday, the 27th. The outage coincided with the release of DISH's 4Q22 earnings call and took both the old and new Boost Mobile websites (boostmobile.com and my.boostmobile.com) as well as boostinfinite.com offline. The takedown even made it impossible for some DISH employees to work. Some of DISH's other brand websites unrelated to wireless are now up, however, DISH has stated on Twitter that there are still issues processing customer payments.
The Boost Mobile websites on the other hand continue to be a complete mess. The boostmobile.com homepage is now showing what's supposed to be on the my.boostmobile.com homepage while the my.boostmobile.com site says it's undergoing site maintenance as does the Boost Infinite website. The boostmobile.com homepage when working properly should be redirecting users to my.boostmobile.com. Parts of both websites are somewhat functional as some links on each are accessible.
DISH has not publicly stated what the cause of the problem is. Several outlets including TechCrunch have stated the cause likely stems from a cyberattack. The source of the claims comes from BleepingComputer where several DISH employees have told the outlet a cyberattack is responsible for the outages.
Update 2/28/23 - DISH has finally publicly acknowledged that they've had a "cyber-security incident" as reported by Light Reading. DISH filed form-8k with the SEC today detailing the incident. The report states that they have contacted law enforcement agencies over the attack. DISH is still unable to determine if any personally identifiable information has been stolen, but noted data had been taken from their systems, and "it is possible the investigation will reveal that the extracted data includes personal information." As of right now, the Boost Mobile and Boost Infinite websites still have not been fully restored. DISH claims they are actively engaged in restoring their systems and making steady progress in doing so.
Symptoms Of A Ransomware Attack
PCMag reports that the cause is most likely a Ransomware attack. Anyone whose been in the Garmin ecosystem for the last two and a half years would agree. In July 2020, Garmin's online infrastructure was taken down. Users of the Garmin fitness app, such as this author, were greeted for days with the message "server maintenance, check back shortly." And a more detailed message noting that the Garmin website and app were experiencing an outage as was their call center. About four days later, service began to be restored. And days later, Garmin admitted that it had been hit by a ransomware attack costing it $10 million. How Garmin's ransomware attack manifested itself is pretty much identical to what's happened to DISH and its brands.
The length of time it has taken DISH to get everything back up and running shows how serious the problem is and that a ransomware attack is likely the culprit. Any other type of outage should have been able to be quickly corrected. Perhaps even a ransomware attack may have been able to be more quickly handled with a proper plan in place to tackle such an event.
It is unknown if any customer data was stolen as a result of this hack. But often with ransomware, the purpose isn't to steal customers' data but to get the company hit by the attack to pay a fee to the party responsible for the attack. Once the fee is paid, the attacker gives a key to the affected party allowing them to unlock their files and systems.