Sinclair Broadcast Group Cyber Attack: According to Sinclair Broadcast Group (SBGI), one of the leading television station operators in the United States, a ransomware attack is causing some of its offices and operational networks to be unavailable.
Staffers were informed during an early afternoon town hall meeting held through Zoom that the ripple effects are vast and that the full extent of the ramifications is not yet understood.
In a statement to investors, the company stated that the intrusion “has caused and may continue to cause disruption to portions of the company’s business, including certain aspects of the company’s offering of local advertisements via its local broadcast stations on behalf of its clients.” Nearly 3% of the market’s value was lost in the stock market.
As the firm disclosed in a filing with the Securities and Exchange Commission on Monday, Sinclair Broadcast Group, which owns roughly 300 stations across the country and provides local news services, was the target of a ransomware attack over the weekend.
A potential security incident was found on October 16, 2021, and the Company immediately began investigating and taking preventative measures to contain it. In an SEC filing, the company states that “on October 17, 2021, the Company discovered that some servers and workstations in its environment had been encrypted with ransomware and that certain office and operational networks had been compromised.”
“In addition, data were obtained through the company’s network. The Company is attempting to ascertain what information was contained in the data and will take any actions as necessary as a result of its investigation.”
Despite the fact that the incident is actively being managed, the company warned that “the event has caused – and may continue to cause – disruption to certain aspects of the Company’s business, including certain aspects of the Company’s provision of local advertisements on behalf of its customers by its local broadcast stations.” The company also warned that the incident has caused – and may continue to cause – disruption to parts of its customers’ businesses.
On October 16, 2021, the Company noticed and began investigating a potential security incident, as well as making efforts to contain the situation. A ransomware attack on specific servers and workstations in the Company’s environment was discovered on October 17, 2021, causing the company to discover that certain office and operational networks had been disrupted.
Data was also obtained from the company’s internal network. The Company is attempting to ascertain what information was contained in the data and will take any actions as necessary as a result of its investigation.
Senior management was contacted as soon as the security event was discovered, and the Company immediately followed its incident response plan, took steps to control the situation, and initiated an investigation.
A legal team, a cybersecurity forensics firm and other incident response professionals were called in to assist with the investigation. A notice was also sent to police enforcement and other government agencies by the company. The forensic investigation is still going on at this time.