The Sinclair Broadcast Group said Monday that some of its servers and work stations were encrypted with ransomware and that data was stolen from the company’s network. The company operates dozens of TV stations across the United States, including two in Maine.

The company said it started investigating Saturday, and on Sunday it found that some of its office and operational networks were disrupted.

The Hunt Valley, Maryland-based company either owns or operates 21 regional sports networks and owns, operates or provides services to 185 television stations in 86 markets. Maine stations owned and operated by the company include WPFO (Fox) and WGME (CBS).

The broadcast group did not immediately say how many TV stations were directly affected.

Nashville, Tennessee’s WZTV put out a notice on its website Monday about “serious technical issues” at the TV station affecting its ability to stream content.

“We are also currently unable to access our email and your phone calls to the station,” it said.


Sinclair said it’s taken measures to contain the breach and that its investigation is ongoing. However, it said that the data breach has caused – and may continue to cause – disruption to parts of its business, including aspects of local advertisements by local broadcast stations. The company said it is working to restore operations.

Sinclair said it can’t determine whether the data breach will have a material impact on its business, operations or financial results.

Ransomware attacks, in which cyber criminals encrypt an organization’s data and then demand payment to unscramble it, are a growing scourge in the United States. The Biden administration has pledged to disrupt and prosecute criminal networks like the one that attacked a major U.S. pipeline company in May. The attack on Colonial Pipeline, which led to gas shortages along the East Coast, was attributed to a Russia-based gang of cybercriminals.

Ransomware payments reached more than $400 million globally in 2020 and topped $81 million in the first quarter of 2021, according to the U.S. government.

Crane Hassold, director of threat intelligence at Abnormal Security, said the hackers behind the ransomware attack on Sinclair could have gotten into the company’s system a while ago.

“With many ransomware attacks these days, the initial access that precipitated the attack generally occurs weeks, if not months, ahead of time,” he said.

Several media outlets have been hit by ransomware attacks in recent years. Cox Media Group, a major media conglomerate, said recently it was the target of a ransomware attack this year. And a ransomware attack briefly knocked the Weather Channel off air in 2019.

Sinclair shares declined about 3.3 percent in afternoon trading.

Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.

Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.