WDEF-TV, a CBS‐affiliated station in Chattanooga, Tennessee, was claimed by the Lynx ransomware-as-a-service operation to have been breached. Although WDEF-TV has not yet confirmed the incident, Lynx published sample files that appear to be confidential employee agreements, suggesting the attackers accessed internal HR and payroll documents. The release of such materials exposes employees to identity theft and privacy violations, and could trigger legal liabilities and regulatory scrutiny under data protection laws. Beyond individual harm, the station faces reputational damage, loss of viewer trust, and potential fines from authorities overseeing confidential employee records. The breach may also disrupt day-to-day operations if WDEF-TV’s IT infrastructure was encrypted or held for ransom, forcing the station to allocate resources to incident response, forensic investigation, and public relations management. With Lynx known for targeting nearly 200 organizations and linking its payload to existing ransomware variants, WDEF-TV remains at risk of follow-on extortion and further data dissemination on dark web leak sites. The event underscores the growing threat posed by ransomware gangs against media outlets and the critical need for robust backup and employee data protection measures.
Source: https://www.scworld.com/brief/cbs-affiliate-purportedly-compromised-by-lynx-ransomware-gang
"id": "wde901050525",
"linkid": "wdef-tv",
"type": "Ransomware",
"date": "5/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"