Incident Details
- Date of Incident
- December 8, 2019
- Location
- Multiple
- Targets
- Cowles Co.
At least 10 TV stations in Washington and Montana were affected by a Dec. 8, 2019, cyberattack on the software running their news broadcasts.
At least 10 TV stations in Washington state and Montana belonging to Cowles Co. were affected by a Dec. 8, 2019, cyberattack on the software running their news broadcasts.
Patricia McRae, then president of Cowles-owned station groups KHQ, Inc., and Cowles Montana Media, told KRTV that the attack — which affected seven stations in Montana and three in Washington state — damaged systems and software used by the stations to prepare local newscasts, impacting video feedback, graphics and weather systems.
The Spokesman-Review reported that, to continue broadcasting, journalists were resorting to paper scripts, filing stories through private social media accounts and using fewer on-screen graphics and videos.
KHQ reported the attack to the FBI, McRae told the Spokesman-Review. She declined to tell the newspaper whether an attacker had issued demands connected to the attack.
KHQ-TV Station Manager Jason Ramsey told the U.S. Press Freedom Tracker via email in February 2025, “Since the incident we have strengthened our security measures and continue to conduct internal training to prepare for potential future issues.”
Stacey Cowles, president of the print media division of Cowles, told the Tracker via email that it took months for the 10 stations affected “to rebuild and regain full functionality” after the attack.
“I don’t recall the perpetrator, except they were identified as likely Bulgarian,” he wrote. “We believe the malware was introduced through a server port left unsecure for vendor use.”
He also said that the company experienced a second cyberattack in April 2023, but that in neither case did the attacker indicate it knew the target was a media business.
The U.S. Press Freedom Tracker catalogues press freedom violations in the United States. Email tips to [email protected].
