Opening incident

Loading disclosure

Pulling the filing, breach taxonomy, and impact scoring…

Duke

Blog Incident database Request access

Loading database

Indexing incidents

Fetching SEC-disclosed cyber incidents and Duke's breach taxonomy…

Duke

Blog Incident database Request access

Opening incident

Loading disclosure

Pulling the filing, breach taxonomy, and impact scoring…

DICK'S Sporting Goods, Inc. Unknown (2024) | SEC Cybersecurity Incident | Duke Security

Duke

Blog Incident database Request access

← Back to incidents

Incident · Unknown

DICK'S Sporting Goods, Inc. · DKS

Consumer DiscretionaryUSAIncident August 21, 2024Filed August 28, 2024

Impact score

Business continuity

—

Insurance involved

Not disclosed

Filing

8-K · 8.01

Breach taxonomy

UnknownData ExfilConfidential BizInfo Privacy Loss

Summary

On August 21, 2024, DICK'S Sporting Goods discovered unauthorized third-party access to its information systems, including portions containing certain confidential information. The company activated its cybersecurity response plan, engaged external cybersecurity experts, and notified federal law enforcement. No disruption to business operations was reported. The company determined the incident was not material as of the filing date. Filed under Item 8.01; materiality not yet determined as of filing date.

Tagging rationale

ThreatUnknown

Filing does not attribute the incident to any specific threat actor → UNKNOWN.

MethodsData Exfil

Filing confirms unauthorized third-party access to systems containing confidential information — data access/exfiltration.

AssetsConfidential Biz

Filing states the unauthorized access included portions of systems containing certain confidential information.

EffectsInfo Privacy Loss

Unauthorized access to confidential information with no operational disruption; company determined the incident was not material.

Impact

Unauthorized access to confidential information with no known operational disruption; company determined the incident was not material → score 1.

InsuranceNot disclosed

Filing makes no mention of insurance.

Read the original SEC filing excerpt

Item 8.01 Other Events On August 21, 2024, the Company discovered unauthorized third-party access to its information systems, including portions of its systems containing certain confidential information. Immediately upon detecting the incident, the Company activated its cybersecurity response plan and engaged with its external cybersecurity experts to investigate, isolate and contain the threat. The Company has also notified federal law enforcement. The Company has no knowledge that this incident has disrupted business operations. The Company's investigation of the incident remains ongoing. Based on the Company's current knowledge of the facts and circumstances related to this incident, the Company believes that this incident is not material. Should any of the relevant facts and circumstances substantively change, the Company will reassess materiality considerations in accordance with Item 1.05 of Form 8-K.

View SEC filing Back to database

Get alerts on new incidents

Drop your email and we’ll let you know when fresh SEC disclosures land in the database. No spam.

More in Consumer Discretionary

Unknown · March 28, 2026

Hasbro, Inc.

On March 28, 2026, Hasbro identified unauthorized access to its corporate network. The company activated its security incident response prot…

Unknown · March 19, 2026

RCI Hospitality Holdings, Inc.

RCI Internet Services, a subsidiary of RCI Hospitality Holdings, discovered on March 23, 2026 a cybersecurity incident that began on March 1…

Priv Insider · November 18, 2025

Coupang, Inc.

On November 18, 2025, Coupang Corp. (a Korean subsidiary of Coupang, Inc.) detected a cybersecurity incident in which a former employee may …

Cyber Criminals · October 15, 2025

Jewett-Cameron Trading Co. Ltd.

On October 15, 2025, Jewett-Cameron Trading Co. Ltd. discovered a threat actor had gained unauthorized access to its IT environment, deployi…