DishNetwork.com Security Breach

The only information someone would be able to access would be...

Name
Address
City, State, ZIP
Account number
Phone number

As far as im aware, credit cards and SSN's are stored in a different database.

A matter of fact im working with echostar with another simmilar issue and I know this for a fact.
 
I had this happen to me about a year or so ago, but I found out about it in a little different way. I received a mailed bill from Dish and it was someone else's bill with my address, etc on it.

I logged on to my account on Dish and sure enough, I was accessing someone else's account information, not mine. I called immediately to Dish. I was escalated up to someone in the US very quickly, and they found the problem quickly and by the next morning, I believe, it was resolved.

They sent a nice letter singed by a VP (don't remember who as it has been so long ago) explaining what had happenned. I felt Ok with my incident because it was handled quickly and with the correct amount of urgency.
 
Welcome to SatGuys, shoelace. Even though this has happened to Foxbat, SatinKzo, and sampatterson, other long-time members, and mruk69 has experiences with Dish claiming to call when he has proof they didn't, we don't believe ya'... You know, 'cause you've only got (2) posts total...

(hope the sarcasm doesn't escape some)
 
The only information someone would be able to access would be...

Name
Address
City, State, ZIP
Account number
Phone number

As far as im aware, credit cards and SSN's are stored in a different database.

A matter of fact im working with echostar with another simmilar issue and I know this for a fact.

That makes sense if there are 2 databases. Obviously there is a bug in the code that cross references the databases. The foreign key to the second database is either one: not unique (which is VERY bad database design) or two: the system is homegrown by Dish and has the flaw of too many different programmers working on it over the years.
 
On a perhaps related note, I wonder why the Directv forum has so few posts comparative with the Dish Network forum, even though DirecTv has like 4 million more subscribers.

Could it be fewer unsatisfied subscribers with fewer MAJOR problems such as the one described in this thread?
 
"the system is homegrown by Dish and has the flaw of too many different programmers working on it over the years."

This is most likely the problem since we all know E*'s reputation of writing code. It's happened to several people so I do believe the OP, the only thing I didn't like was that he left the names in the emails (he already removed them).
 
On a perhaps related note, I wonder why the Directv forum has so few posts comparative with the Dish Network forum, even though DirecTv has like 4 million more subscribers.

Could it be fewer unsatisfied subscribers with fewer MAJOR problems such as the one described in this thread?

Or maybe it could be that they don't have as many leaks for inside information... which start rumors on the boards here which cause a lot more traffic.
 
Gather all supporting documentation (printed screen-shots, etc.) and file a complaint with the FTC and also with your state's Attorney General. There are a variety of federal and state laws that direct the safeguarding of personal, financial, and health related information from improper disclosure. Dish Network has a legal obligation to exercise due-care and due-dilligence when processing this information. You may even wish to contact the other party and let them know their personal information and financial information has been disclosed to unauthorized parties.
 
"You may even wish to contact the other party and let them know their personal information and financial information has been disclosed to unauthorized parties."

I thought that by law, Dish Network had to let the customer know that his/her personal information and financial info has been breached. Isn't that the case?
 
I'm shocked. This leads me to believe there is a much bigger breach in their security if this has happened before and continues to happen.

I do not feel comfortable (nor responsible) to contact the woman whose personal billing information I could see when I accessed my account. I feel that should be done by E* but they have been unresponsive when I asked if they did (so I assume they didn't).

riffjim4069, thanks for your advice. I had already filed a compliant with the Better Business Bureau, but I went ahead and filed one with the FTC, too. I suggest everyone else who's been subjected to their security breach do the same. Heres' FTC's online complaint form:

https://rn.ftc.gov/pls/dod/wsolcq$.startup?Z_ORG_CODE=PU01
 
For anyone filing a complaint with the FTC, please point them to this thread as an informal record of the extent of the problem.
 
Here is what doesn't make any sense to me. I just logged into my own account and the only information I can see is my Name, address, phone number (all of which are available in the phone book), my dish account number (not worried at all about that), and my security question answer. I am on credit card auto pay but can't see my credit cared number. So what page is it that you can see this information?
 
When it happened to me, it was on a page that came up after I logged (I am no longer a dish sub so I can't tell you what it is anymore), but it had more info than the standard page that I normally saw.

I never saw a full CC number, but other info about the account of the person who I was able to see was there as was stated by the OP.
 
The only thing I can find with any part of a credit card number at all is the payment history that has all but the last 4 digits ****'d out. (Which is the same as every single credit card receipt that you get). I flat out don't believe that the OP could see the person's CC number. So like I said all the information that was available was public information (with the exception of the person's dog's name - who cares). It is obviously a problem on E*'s side, but I don't see the cause for concern about identity theft.
 
The only thing I can find with any part of a credit card number at all is the payment history that has all but the last 4 digits ****'d out. I flat out don't believe that the OP could see the person's CC number.
What part of "system glitch" do you not get ?? No one suggested this happens everytime to everyone. Others have seen it happen too and they've been around this site for a while (unlike the thread starter). Do you not believe them too ??
 
The only thing I can find with any part of a credit card number at all is the payment history that has all but the last 4 digits ****'d out. (Which is the same as every single credit card receipt that you get). I flat out don't believe that the OP could see the person's CC number. So like I said all the information that was available was public information (with the exception of the person's dog's name - who cares). It is obviously a problem on E*'s side, but I don't see the cause for concern about identity theft.


It was a system glitch. Looks like when it happens, the customer that logs in has access to a different database and can see information that is available only to internal employees.
 
Update: I received my bill this week in the mail and the HD programming rebate had been applied. There was, of course, no mention of the rebate being months late. However, I believe the HD credit issue has been resolved, albeit unsatisfactorily. I let the person I've been dealing with at E* know that others have been subjected to the this same security breach, some in recent weeks and others months ago. If you would like to contact him directly, please send me an private message, and I'll forward his contact information. He's been very responsive but unfortunately not forthcoming about the extent of this problem. I firmly believe there should be some accountability of the part of E* so customers whose personal information has been breached can change their security questions or check their credit reports for inaccuracies or whatever. Thanks to everyone who's provided assistance here.
 
***

Users Who Are Viewing This Thread (Total: 1, Members: 0, Guests: 1)

Who Read This Thread (Total Members: 1)