DICK’S Sporting Goods Breach: Hackers Access Confidential Company Information

US retail giant DICK’S Sporting Goods has recently disclosed a cybersecurity breach that occurred last week, allowing hackers to infiltrate its internal networks and access confidential company information. The breach was discovered on August 21st, prompting the company to file an 8-K breach notification with the US Securities and Exchange Commission (SEC).

Although DICK’S did not specify the exact nature of the sensitive data accessed by the unauthorized third party, the company confirmed that certain confidential information stored in its systems was compromised. In response to the breach, DICK’S activated its cybersecurity response plan and notified federal law enforcement. The company is also collaborating with external cybersecurity experts to investigate, isolate, and contain the threat.

Despite the breach, DICK’S assured that its business operations were not impacted, and the incident was deemed not material. The Fortune 500 company, headquartered in Pennsylvania, operates over 850 retail locations nationwide and serves more than 150 million customers both in-person and online.

Security experts emphasize the importance of incident response plans in mitigating cyber threats. Ilia Sotnikov, a Security Strategist at Netwrix, commended DICK’S swift response in containing the breach before significant harm could be done. Sotnikov highlighted the necessity of involving external experts in incident response to effectively manage cyber incidents.

As investigations continue, DICK’S remains vigilant in safeguarding its systems and customer data. The retail chain’s annual revenue in 2023 was reported at $12.4 billion, according to Statista. Despite the breach, no cybercriminal group has claimed responsibility for the attack.