Dick’s Sporting Goods Discloses Cyberattack

Share This Post

Retail chain Dick’s Sporting Goods has disclosed a cyberattack that potentially resulted in unauthorized access to confidential information.

In a regulatory filing with the Securities and Exchange Commission (SEC), Dick’s Sporting Goods said company discovered unauthorized third-party access to its information systems on August 21. The breach exposed portions of the company’s IT systems containing confidential information.

The company said it immediately activated its cyber response plan and engaged with security experts to investigate, isolate, and contain the attack. “The company has no knowledge that this incident has disrupted business operations.”

While an investigation is ongoing, the retail chain said it did not believe that the attack was material. Federal law enforcement has been notified.

What Dick’s Sporting Goods did not say was how the attackers gained access to its network, whether personal information was stored on the compromised systems, and whether any threat actor attempted to extort it following the attack.

SecurityWeek has not seen any known ransomware groups claiming responsibility for the attack.

Given the company’s description of the incident, it is likely either that the attackers were not part of a ransomware group or that its security team discovered the intrusion before file-encrypting malware could be deployed.

SecurityWeek has emailed Dick’s Sporting Goods for additional information on the attack and will update this article as soon as a reply arrives.

Advertisement. Scroll to continue reading.

Founded in 1948, the retailer operates over 850 Dick’s Sporting Goods, Golf Galaxy, Public Lands, Moosejaw, Going Going Gone! and Warehouse Sale stores, an online store, a mobile app, Dick’s House of Sport and Golf Galaxy Performance Center, and mobile live streaming platform GameChanger.

Related: Cloud Misconfigurations Expose 110,000 Domains to Extortion

Related: Oil Giant Halliburton Confirms Cyber Incident, Details Scarce

Related: Staples Confirms ‘Cybersecurity Risk’ Disrupting Online Stores

Related: Extortionist Hacker Group SnapMC Breaches Networks in Under 30 Mins

This post was originally published on this site

More Articles
Article

Navigating SEC Regulations In Cybersecurity And Incident Response

Free video resource for cybersecurity professionals. As 2024 approaches, we all know how vital it is to keep up to date with regulatory changes that affect our work. We get it – it’s a lot to juggle, especially when you’re in the trenches working on an investigation, handling, and responding to incidents.

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .