Lee Enterprises blames cyberattack for encrypting critical systems as US newspaper outages drag on

News
By published

The company did suffer a ransomware attack, after all

Ransomware
  • Lee Enterprises filed a new report with the SEC
  • It confirmed suffering a ransomware attack and having files encrypted
  • As outage drags on, the investigation continues

The recent cyberattack on newspaper firm Lee Enterprises has turned out to be a ransomware attack, after all.

The company confirmed the news in a recent 8-K report filed with the US Securities and Exchange Commission (SEC), sharing more details about the attack, confirming that it was a ransomware strike.

“Preliminary investigations indicate that threat actors unlawfully accessed the company’s network, encrypted critical applications, and exfiltrated certain files,” it was said in the filing. “The company is actively conducting forensic analysis to determine whether sensitive data or personally identifiable information (PII) was compromised. At this time, no conclusive evidence has been identified, but the investigation remains ongoing.”

Advanced evasion techniques

The news comes roughly a week after it filed a 10-Q form with the SEC saying it suffered a cyberattack which forced it to pull parts of its IT infrastructure offline.

“On February 3, 2025, the company experienced a technology outage due to a cyber incident affecting certain business applications, resulting in an operational disruption,” it was said in the filing. “The company is actively investigating the incident, implementing recovery measures, and assessing the potential impact on its operations, financial condition, and internal controls.”

The incident impacted Lee’s operations, including distribution of products, billing, collections, and vendor payments, the company further stressed.

Distribution of print publications across its portfolio of products experienced delays, and online operations are partially limited. It still said that it now distributes all core products in “normal cadence”, although weekly and ancillary products have not yet been restored.

Some of the affected publications include the Winston-Salem Journal, Albany Democrat-Herald, Corvallis Gazette-Times, and others. A full list of affected outlets can be found on this link.

Via TechCrunch

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.