Local television station CBS6-WRGB, the Capital Region affiliate of Sinclair Broadcast Group, appears to have been affected by a ransomware attack that disrupted operations throughout the national TV station operator’s network over the weekend and on Monday. Sinclair is one of the largest TV operators in the country, with 185 television stations in 86 markets.
As early as 5 a.m. on Sunday, CBS6 began experiencing intermittent outages at its Niskayuna office, including in its phone and Wi-Fi service, according to a news producer outside the building on Monday. The news producer, who did not want to be identified, said the intermittent disruption was still ongoing, but the local station was able to air broadcasts. CBS6’s main phone line was down on Monday.
Vincent Nelson, vice president and general manager of WRGB and WCWN, wouldn’t comment further on the disruption beyond providing the following written statement to The Daily Gazette: “Sinclair Broadcast Group recently identified a cybersecurity incident involving our network,” Nelson wrote. “As a result of the incident, certain devices were encrypted with ransomware, data was taken from our environment, and certain business operations have been disrupted.”
Karen Male, assistant news director at CBS6, said via cellphone on Monday that she was not able to comment further on the breach and its impact on the local affiliate station.
Sinclair corporate office confirmed the ransomware attack in a Monday news release. In the release, Sinclair said it identified and began to investigate a cybersecurity incident on Oct. 16. The next day, Sinclair found “certain servers and workstations in its environment encrypted with ransomware,” and that some office and operational networks were disrupted, according to the release. The release also said data was taken from Sinclair’s network, but the company was still working to identify specifics. Sinclair was working with law enforcement and other government agencies in the investigation, the release said.
The company is still determining the full impact of the breach, according to the release.