A Dutch TV and radio broadcaster has discovered itself on the mercy of cybercriminals after struggling a cyber assault, and leaving it scrambling to search out methods to play music to its listeners.
RTV Noord, which supplies TV and radio programming within the northern province of Groningen within the Netherlands, found it had been hacked on November 6, 2025.
On Thursday morning, employees on the “De Ochtendploeg” breakfast present found their entry to laptop techniques was blocked, forcing them to resort to manually enjoying CDs, and even placing LP vinyl data on a turntable to maintain listeners entertained.
By the next morning, the broadcaster had begun publishing updates on its information web site and app once more – for “extraordinarily main information” at the least.
Though the exact nature of the hack towards RTV Noord has not been disclosed, it will be a courageous one who wager towards it being a ransomware assault.
RTV Noord confirmed that the attackers left a message on its community, although it has not been made public.
Given the disruption and the pattern in comparable incidents, the plain suspicion is that this was a ransom word demanding cost for decryption or to forestall stolen information being leaked.
That being stated, it is at all times potential that whoever has compromised the broadcaster has not finished so with a monetary motivation. Prior to now, as an example, there have been TV and radio stations which have discovered themselves hacked for political causes.
No matter motive, hacking a broadcaster can have critical repercussions which transcend the monetary. RTV Noord is not only offering tv and radio companies to the native inhabitants – it additionally acts as an official emergency broadcaster that gives info to residents within the occasion of a catastrophe or disaster.
In a quick assertion, RTV Noord stated that its newsroom may solely be “reached by way of WhatsApp” — a transparent indication that inside communications techniques had been both inaccessible or untrustworthy in the course of the incident.
Coincidentally – or maybe not – the assault on RTV Noord turned public on the identical day that the Rhysida ransomware gang claimed accountability for an assault on Spanish radio station KISS-FM, providing its stolen information for roughly US $300,000 value of Bitcoin.
Broadcasters like RTV Noord have more and more change into focused by cybercriminals hoping to amplify their notoriety. In previous years comparable assaults have managed to impression many different stations, typically even knocking programmes off the airwaves, or broadcasting bogus warnings about missile strikes.
Broadcast infrastructure is each public-facing and time-critical. Even short-term disruption is reputationally damaging and may cascade into real-world hurt, particularly when broadcasters have emergency notification duties. And that’s precisely the form of leverage {that a} ransomware group likes to have at its disposal.
