ST. JOHN’S, N.L. –
The company behind a popular independent television station in Newfoundland and Labrador says it was hit by a cyberattack.
The Newfoundland Broadcasting Company Limited says the attack has not hampered on-air operations at NTV nor at its radio station, OZFM.
A company statement says it has confirmed that the perpetrators accessed parts of its systems and are now threatening to post data belonging to the company online.
The Play ransomware group has claimed responsibility for the attack, and its site on the dark web says it stole private data including budget and payroll information and client documents from NTV.
The group’s frequently asked questions page says that it typically encrypts data belonging to its victims so they can no longer access it, and that it will only release it and delete its copies of the stolen information if it receives a payment.
Brett Callow, a cybersecurity analyst in British Columbia, says the company should take Play’s threats seriously, but that it should not give the group any money unless it has no other option to restore its data.
“Paying the demand in these cases simply elicits a pinky promise from the criminals that the stolen data will be destroyed, and there is ample evidence that gangs don’t always do that,” Callow said in an interview. “Some organizations have actually been extorted for a second time using the same data that they paid to have destroyed.”
Play’s site claims it also recently attacked U.S.-based loan and tax agency Credit Central and the Anchorage Daily News in Alaska.
Meanwhile, the Newfoundland Broadcasting Company says it has notified police.
“With the assistance of cybersecurity experts, we are working diligently to understand how the information was obtained and what information has been exposed,” Lindsey Andrews, the company’s chief operating officer, said in the statement.
“We have a dedicated internal and external team, but this process will take some time.”