Sinclair Broadcast Group has confirmed it was hit by a ransomware attack over the weekend affecting operations at its properties across the country.
While Sinclair no longer owns any radio properties, the cluster of Seattle radio stations the company recently sold to Lotus Communications continues to be co-located at Sinclair’s offices in the KOMO Plaza building. Local reports indicate that Hot AC “Star 101.5” KPLZ-FM has had intermittent dead-air, songs skipping, and no imaging between songs. News 1000 KOMO/97.7 KOMO-FM was running a replay of a longform talk show rather than its regular news programming on Sunday afternoon. Online streaming is also down for KPLZ-FM, KOMO and Conservative Talk 570 KVI.
Sinclair states that certain servers and workstations in its environment were encrypted with ransomware, and that certain office and operational networks were disrupted, while data was taken from the company’s network.
Sinclair Broadcast Group, Inc. (Nasdaq: SBGI) today provided information on a recent cybersecurity incident.
On October 16, 2021, the Company identified and began to investigate and take steps to contain a potential security incident. On October 17, 2021, the Company identified that certain servers and workstations in its environment were encrypted with ransomware, and that certain office and operational networks were disrupted. Data also was taken from the Company’s network. The Company is working to determine what information the data contained and will take other actions as appropriate based on its review.
Promptly upon detection of the security event, senior management was notified, and the Company implemented its incident response plan, took measures to contain the incident, and launched an investigation. Legal counsel, a cybersecurity forensic firm, and other incident response professionals were engaged. The Company also notified law enforcement and other governmental agencies. The forensic investigation remains ongoing.
While the Company is focused on actively managing this security event, the event has caused – and may continue to cause – disruption to parts of the Company’s business, including certain aspects of its provision of local advertisements by its local broadcast stations on behalf of its customers. The Company is working diligently to restore operations quickly and securely.
As the Company is in the early stages of its investigation and assessment of the security event, the Company cannot determine at this time whether or not such event will have a material impact on its business, operations or financial results.
As the Company conducts its investigation, it will look for opportunities to enhance its existing security measures.