Malware
DICK’S Sporting Goods Halts Email & Locks Employee Accounts Following Intense Cyberattack
US retailer Dick’s Sporting Goods suffered a cyberattack, prompting the company to shut down employee email accounts and reset passwords. Discover how the attack unfolded and what measures the company is taking to prevent future incidents.
Last Wednesday, DICK’S Sporting Goods, the largest chain of sporting goods retail stores in the United States, discovered a cyberattack that exposed confidential information. With $12.98 billion in revenue in 2023 and over 857 stores across the country, this breach impacts a significant number of people.
Responding to the Cyberattack
In a filing with the U.S. Securities and Exchange Commission (SEC), DICK’S has hired outside cybersecurity experts to help contain the security breach and assess the impact. The company stated, “On August 21, 2024, the Company discovered unauthorized third-party access to its information systems, including portions of its systems containing certain confidential information.”
As soon as the incident was detected, DICK’S activated its cybersecurity response plan and engaged external cybersecurity experts to investigate, isolate, and contain the threat.
Keeping Information Under Wraps
According to an anonymous source, the company has been tight-lipped about the breach and has instructed employees not to discuss it publicly or put any information in writing. The same source revealed that email systems had been shut down, likely to isolate the attack, and all employees were locked out of their accounts. IT staff is now manually validating employees’ identities on camera before granting access to internal systems.
In an internal memo, DICK’S informed employees that most of them no longer have access to their systems due to a “planned activity” and that team leaders will contact them via personal email or text for further instructions.
Business Operations Unaffected
Phone lines at local stores are currently down due to the incident, but the company has reported no disruption to their business operations to date. In their SEC filing, DICK’S stated, “The Company has also notified federal law enforcement. The Company has no knowledge that this incident has disrupted business operations. The Company’s investigation of the incident remains ongoing.”
Although the company believes the incident is not material at this point, the investigation is still in progress, and the full impact remains to be seen.
What You Can Do
Cybersecurity is a critical concern for businesses and individuals alike. We at IT Services are committed to keeping you informed and protected. Stay tuned for updates on this situation, and don’t hesitate to reach out to us for advice and assistance in safeguarding your personal and professional information. Let’s work together to stay one step ahead of cyber threats.