DICK’s Sporting Goods says confidential data exposed in cyberattack
- by nlqip
DICK’S Sporting Goods, the largest chain of sporting goods retail stores in the United States, disclosed that confidential information was exposed in a cyberattack detected last Wednesday.
Founded in 1948, DICK’S operates 857 stores across the United States and has reported $12.98 billion in revenue in 2023. As of February 2024, the Fortune 500 company employs over 55,500 people (18,900 full-time and 36,600 part-time).
According to a filing with the U.S. Securities and Exchange Commission (SEC), the company has hired outside cybersecurity experts to help contain the security breach and assess the cyberattack’s impact.
“On August 21, 2024, the Company discovered unauthorized third-party access to its information systems, including portions of its systems containing certain confidential information,” the retailer giant said.
“Immediately upon detecting the incident, the Company activated its cybersecurity response plan and engaged with its external cybersecurity experts to investigate, isolate, and contain the threat.”
According to a source who requested anonymity to speak freely, the company has provided few details about the breach and is telling employees not to discuss it publicly or put anything in writing.
The same source told BleepingComputer that email systems had been shut down, likely to isolate the attack, and all employees had been locked out of their accounts. IT staff is now manually validating employees’ identities on camera before they can regain access to internal systems.
In an internal memo shared with BleepingComputer, Dick’s told employees that most of them no longer have access to their systems because of a “planned activity” and that their team leaders will contact them via personal email or text for further instructions.
In today’s SEC filing, the Fortune 500 retailer says it has also reported the breach to relevant law enforcement authorities and that, for the moment, the incident had no impact on the company’s operations.
“The Company has also notified federal law enforcement. The Company has no knowledge that this incident has disrupted business operations,” DICK’S added.
“The Company’s investigation of the incident remains ongoing. Based on the Company’s current knowledge of the facts and circumstances related to this incident, the Company believes that this incident is not material.”
A DICK’S spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.
Source link
lol
DICK’S Sporting Goods, the largest chain of sporting goods retail stores in the United States, disclosed that confidential information was exposed in a cyberattack detected last Wednesday. Founded in 1948, DICK’S operates 857 stores across the United States and has reported $12.98 billion in revenue in 2023. As of February 2024, the Fortune 500 company…
Recent Posts
- The 10 Hottest Semiconductor Startups Of 2024
- Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps
- Healthcare Ransomware Attacks: How to Prevent and Respond Effectively | BlackFog
- Black Friday Versus The Bots
- Over 2,000 Palo Alto firewalls hacked using recently patched bugs