Newspaper printing across US hit after Lee Enterprises says “cybersecurity event” disrupted operations

News
By published

One of the biggest media companies in the US suffers a cyberattack

Red padlock open on electric circuits network dark red background
(Image credit: Shutterstock/Chor muang)
  • Lee Enterprises confirms suffering a cyberattack
  • It was forced to pull parts of its IT infrastructure offline
  • Printing of many newspapers were disrupted as a result

American media giant Lee Enterprises has suffered a cyberattack which forced it to pull parts of its IT infrastructure offline - meaning dozens of newspapers and media outlets across the United States could not operate normally.

In a new 10-Q form filed recently with the US Securities and Exchange Commission (SEC) the company said that it suffered a data breach that affected operations.

“On February 3, 2025, the company experienced a technology outage due to a cyber incident affecting certain business applications, resulting in an operational disruption,” it was said in the filing. “The company is actively investigating the incident, implementing recovery measures, and assessing the potential impact on its operations, financial condition, and internal controls.”

No material impact (yet)

Lee Enterprises did not share further details about the attack, nor did it want to discuss it with the media.

Since the company services more than 70 media outlets across the States, many were affected by the attack, TechCrunch reports. Among them are the Post-Dispatch and Casper Star-Tribune. The latter, for example, said “many of Lee’s newspapers initially were not able to build pages and publish, though the company has been working to print and deliver back issues.”

The publication also obtained a copy of a letter the company sent to its employees, in which it was said that a data center hosting applications and services was offline, pulling systems for subscriber services with it.

There is no timeline for recovery just yet, but Lee said in the SEC filing that the attack did not impact the firm materially. “However, the evaluation remains ongoing,” it added.

Although not a rule, generally a company is forced to shut down its IT infrastructure during a ransomware attack. These attacks also often result in data theft and extortion attempts. We expect further details in the coming weeks.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.