Sinclaire TV Stations known as Sinclair Broadcast Group published a press release yesterday where they announced the company being hit by a ransomware attack. It happened during the weekend, as this is the new timeframe most ransomware operators seem to prefer recently. The company also confirmed that the threat actors behind the attack performed network data theft.

On October 16, 2021, the Company identified and began to investigate and take steps to contain a potential security incident. On October 17, 2021, the Company identified that certain servers and workstations in its environment were encrypted with ransomware, and that certain office and operational networks were disrupted. Data also was taken from the Company’s network. The Company is working to determine what information the data contained and will take other actions as appropriate based on its review.


The new cyberattack follows another one that happened in July 2021 when a security breach triggered the need for urgent password changing for all Sinclair stations.

Sinclair TV Stations Hit By a Ransomware Attack

According to BleepingComputer, a source informed the publication that the corporate Active Directory domain represented the means by which the cybercriminals managed to impact several Sinclair TV Stations. The Active Directory services would have been shut down and the network domain resources access would have been blocked. This also impacted various corporate assets including newsroom systems, broadcasting, and e-mail servers. That is why there was a need for Gmail account creation in order for the TV stations to further get news tips and newscast graphics were managed via Powerpoint.

What Was the Status After the Attack?

Some Sinclair TV stations started to slowly recover after the attack. As the same publication says, a source informed them that the weather graphics did not work very well, even though KABB was working. WCHS was running well too, but standard graphics for WPGH and KOKH could not be displayed properly. WPFO was a little bit more impacted than the other stations, as the usual full-hour newscast was not possible, so it was shortened to half an hour.

What Measures Have Been Implemented By Now?

After the incident happened, the enterprise took immediate measures by notifying the senior management and conducting an incident response plan. Of course, an investigation followed involving parties like a cybersecurity company, legal team, and experts on crisis response.

Promptly upon detection of the security event, senior management was notified, and the Company implemented its incident response plan, took measures to contain the incident, and launched an investigation. Legal counsel, a cybersecurity forensic firm, and other incident response professionals were engaged. The Company also notified law enforcement and other governmental agencies. The forensic investigation remains ongoing. While the Company is focused on actively managing this security event, the event has caused – and may continue to cause – disruption to parts of the Company’s business, including certain aspects of its provision of local advertisements by its local broadcast stations on behalf of its customers. The Company is working diligently to restore operations quickly and securely. As the Company is in the early stages of its investigation and assessment of the security event, the Company cannot determine at this time whether or not such event will have a material impact on its business, operations or financial results.


Sinclair TV stations: Who Is Sinclair Broadcast Group?

Sinclair Broadcast Group stands for an American conglomerate in the telecommunications field, being the U.S. second-biggest television station operator with its headquarters in Baltimore.

How to Stay Safe?

Ransomware attacks are more frequent day by day, so the need to invest in good cybersecurity solutions is a must now. Check out our Ransomware Encryption Protection, a 100% signature-free revolutionary product with detection features and the capacity to not let data encryption reach your network.

Did you enjoy this article? Follow us on LinkedIn, Twitter, Facebook, Youtube, or Instagram to keep up to date with everything we post!

Ransomware-as-a-Service (RaaS) – The Rising Threat to Cybersecurity

Ransomware Payouts in Review: Highest Payments, Trends & Stats

Most Dangerous Ransomware Groups in 2022 You Should Know About

Ransomware Explained. What It Is and How It Works

Leave a Reply

Your email address will not be published. Required fields are marked *