Dick’s Sporting Goods reveals cyberattack, shuts down employee emails

It doesn’t appear to be ransomware, but the company has still shut down some systems

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Dick’s Sporting Goods appears to have been caught with its pants down after suffering a cyberattack that resulted in the theft of sensitive company data.

The sporting goods store filed an8-K formwith the US Securities and Exchange Commission (SEC), notifying the regulator of a cybersecurity incident.

“On August 21, 2024, the company discovered unauthorized third-party access to its information systems, including portions of its systems containing certainconfidential information,” Dick’s said in the filing.

No disruptions

The company said it immediately activated its cybersecurity response plan after uncovering the incident, and said it had engaged with external cybersecurity experts to “investigate, isolate, and contain” the threat. The federal police have also been notified.

While Dick’s did admit certain confidential information was accessed, it did not say exactly what it was, nor who it belongs to. Online chatter points to the data belonging to company members, but there is no confirmation yet.

At the same time, an anonymous source toldBleepingComputerthe company shut down its email systems and locked all employees out of their accounts. The IT department started manually validating employee identities via cameras, before granting them access to the emails again. The company allegedly told its employees that the access was barred due to “planned activity” and that they will be notified of further instructions by their team leaders. Phone lines also seem to have been shut down.

TechRadar Pro has reached out to Dick’s and will update if we hear back.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Elsewhere in the filing, the company also said it has “no knowledge that this incident has disrupted business operations.” In other words, it continued working as usual while the data breach was happening, suggesting that this probably wasn’t a ransomware attack. It’s also worth mentioning that many ransomware operators don’t even bother deploying the encryptor, since it can extort the same amount of money by just threatening to leak stolen data. It’s cheaper, yet equally effective.

“The company’s investigation of the incident remains ongoing,” the filing concludes. “Based on the company’s current knowledge of the facts and circumstances related to this incident, the company believes that this incident is not material.”

ViaThe Register

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Your doctor may have an AI assistant taking notes during your next Zoom call