DICK'S Sporting Goods, a leading sporting goods retailer in the United States, recently disclosed a cyberattack that exposed confidential information.
The company confirmed the incident in a filing with the U.S. Securities and Exchange Commission (SEC) on Aug. 28.
Details of the Attack Remain Unclear
While the company has acknowledged the breach, specific details about the attack and the nature of the exposed data are currently limited. According to the SEC filing, unauthorized access to DICK'S information systems occurred last Wednesday, Aug. 21.
The filing specifies that compromised systems contained "certain confidential information," but the company has not provided any further clarification on the impacted data types.
Employee Access Restricted in Response to the Attack
In response to the cyberattack, DICK'S implemented measures to contain the incident and protect its systems.
An anonymous source reported that the company shut down email systems and locked employees out of their accounts. IT staff reportedly implemented manual identity verification procedures using cameras before granting access to internal systems.
Internal Communication and Business Operations
DICK's reportedly communicated the incident to employees through an internal memo, attributing the access restrictions to a "planned activity." Team leaders were instructed to contact employees via personal email or text for further instructions. While phone lines at local stores were also reportedly affected, the SEC filing claims that business operations have not been disrupted.
"Immediately upon detecting the incident, the Company activated its cybersecurity response plan and engaged with its external cybersecurity experts to investigate, isolate, and contain the threat," DICK's said.
Investigation and Legal Action
DICK'S has engaged external cybersecurity experts to assess the impact of the attack and investigate the source of the breach. The company also confirmed reporting the incident to federal law enforcement agencies.
What This Means for Customers
At this time, the full extent of the data breach and the potential impact on customers are unknown.
While DICK'S maintains that business operations are unaffected, it's important for customers to remain vigilant and monitor their accounts for any suspicious activity.
Looking Forward: Transparency and Customer Support
DICK'S has not yet publicly addressed the cyberattack. Customers may benefit from a transparent communication strategy from the company, outlining the details of the breach, the types of data potentially compromised, and steps they can take to protect themselves.
If you have any information regarding this incident or other undisclosed cyberattacks, you can contact BleepingComputer confidentially via Signal at 646-961-3731 or at tips@bleepingcomputer.com.
In other news, Tech Times reported that almost 2.7 billion data records have been compromised. The information from National Public Data was posted in a hacking forum in mid-August.