Sinclair Broadcast 'Disrupted’ by Ransomware Attack

A still unknown ransomware group hacked the controversial TV giant Sinclair, causing disruptions at several channels across the United States.

Oct 18 2021, 4:07pm
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.

The TV giant Sinclair Broadcast Group said it was hacked. According to a press release on Monday, the company said it detected a ransomware attack on Saturday. The hackers encrypted "certain servers and workstations," stole data, and disrupted some of its TV stations, according to the announcement.


Sinclair calls itself "the largest and most diversified television broadcasting company in the country," operating and owning more than 600 U.S. TV channels. The ransomware attack appears to have interfered with several broadcasts across the country on Sunday, as reported by the cybersecurity news site The Record

An error occurred while retrieving the Tweet. It might have been deleted.
An error occurred while retrieving the Tweet. It might have been deleted.

In its press release, the company said the hack caused some disruptions. 

"While the Company is focused on actively managing this security event, the event has caused—and may continue to cause—disruption to parts of the Company’s business, including certain aspects of its provision of local advertisements by its local broadcast stations on behalf of its customers," Sinclair wrote in the press release. 

"Sinclair Broadcast Group recently identified a cybersecurity incident involving our network. As a result of the incident, certain devices were encrypted with ransomware, data was taken from our environment, and certain business operations have been disrupted,” A Sinclair spokesperson told Motherboard, but declined to say how many stations had programs disrupted by the hack. “Senior management was notified, and we implemented our incident response and business continuity protocols, took measures to contain the incident, and launched an investigation. A cybersecurity firm that has assisted other companies in similar circumstances was engaged, and law enforcement and other governmental agencies were notified.”

Do you have more information about the ransomware suffered by the Sinclair Broadcast Group? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wire/Wickr @lorenzofb, or email

In the last few years, the company has aggressively attempted to expand its already massive empire with a controversial and failed acquisition of Tribune Media. Regulators worried that the deal would allow Sinclair to control too big a share of the local U.S. news media. Sinclair and its TV stations have long been criticized for being too politicized and pro-Trump

Hackers have targeted TV stations before. Other recent victims of ransomware attacks include The Weather Channel, and Cox Media Group

But it's not just ransomware gangs. In June of 2017, hackers allegedly working for the United Arab Emirates government partially took over the live broadcast of the state-owned Qatar News Agency, showing made up quotes for the country's leader, the Sheikh Tamim bin Hamad Al Thani. In 2015, Russian government hackers, pretending to be a ISIS-linked group, hacked the French TV5Monde and forced multiple channels to go dark.  

Long before organized cybercrime and government hackers, mysterious hackers  have disrupted TV broadcasts. Perhaps the most famous example of this is the 1987 "Max Headroom" hack. In the span of two hours, someone took over Chicago's Channel 9's Nine O'Clock News for thirty seconds, and then Channel 11, the PBS affiliate WTTW for one minute and 21 seconds, replacing the broadcasts with a creepy, distorted, and rambling version of Max Headroom, the character of a 1980s movie and TV series. More than 30 years later, we know very little about who was behind the hack, and how they pulled it off, making it one of the most mysterious and tantalizing hacks ever. 

Subscribe to our new cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.


cybersecurity, CYBER, Infosec, ransomware, information security, Sinclair Broadcast Group, Sinclair

like this
Sinclair Workers Say TV Channels Are in ‘Pandemonium’ After Ransomware Attack
Hackers Disrupt Gas Stations in Iran and Deface Billboards to Blame Supreme Leader
Ransomware Gang Says the Real Ransomware Gang Is the Federal Government
US Sanctions Could Cut Off NSO From Tech It Relies On
Police Seize Boxes of Cash in Raid on Alleged Ransomware Gang Members
Woman Allegedly Hacked Flight School, Cleared Planes With Maintenance Issues to Fly
Hackers Compromised Middle East Eye News Website to Hack Visitors, Researchers Say
‘Urgent Pizza’: The Untold Story of the Largest Hack in Twitch’s History