Sinclair Broadcast Group, which operates dozens of TV stations across the U.S., including KRCG-TV in Mid-Missouri, said Monday some of its servers and workstations were encrypted with ransomware and data was stolen from its network.
The company said it started investigating Saturday, and Sunday it found some of its office and operational networks were disrupted. The broadcast group did not immediately say how many TV stations were directly affected.
The Hunt Valley, Maryland-based company either owns or operates 21 regional sports network and owns, operates or provides services to 185 television stations in 86 markets.
Citing "technical difficulties" affecting its broadcasting, a news anchor at KRCG announced Monday morning on the station's Facebook page that its local morning news programming would be posted to the social media site.
In Toledo, Ohio, WNWO appeared to be off the air Monday afternoon. The station posted on Facebook "our operations are currently limited. We will provide further updates as they become available."
On WJLA, a Sinclair-owned ABC affiliate in Washington, anchors opened their 4 p.m. newscast by telling viewers the station was under cyberattack and its computers and video servers were down. Nashville, Tennessee's WZTV put out a notice on its website Monday about "serious technical issues" at the TV station affecting its ability to stream content.
"We are also currently unable to access our email and your phone calls to the station," it said.
Sinclair said it's taken measures to contain the breach and its investigation is ongoing. However, it said the data breach has caused - and may continue to cause - disruption to parts of its business, including aspects of local advertisements by local broadcast stations. The company said it is working to restore operations.
Sinclair said it can't determine whether the data breach will have a material impact on its business, operations or financial results.
Ransomware attacks, in which cyber criminals encrypt an organization's data and then demand payment to unscramble it, are a growing scourge in the United States. The Biden administration has pledged to disrupt and prosecute criminal networks like the one that attacked a major U.S. pipeline company in May. The attack on Colonial Pipeline, which led to gas shortages along the East Coast, was attributed to a Russia-based gang of cybercriminals.
Ransomware payments reached more than $400 million globally in 2020 and topped $81 million in the first quarter of 2021, according to the U.S. government.
Crane Hassold, director of threat intelligence at Abnormal Security, said the hackers behind the ransomware attack on Sinclair could have gotten into the company's system a while ago.
"With many ransomware attacks these days, the initial access that precipitated the attack generally occurs weeks, if not months, ahead of time," he said.
The News Tribune contributed some information to this AP article.