Publishing big Lee Enterprises is notifying over 39,000 folks whose private data was stolen in a February 2025 ransomware assault.
As one of many largest newspaper teams in america, Lee Enterprises publishes 77 every day newspapers and 350 weekly and specialty publications throughout 26 states. The native information supplier’s newspapers have a every day circulation of over 1.2 million, and a digital viewers reaching tens of hundreds of thousands every month.
In a submitting with the Workplace of Maine’s Legal professional Normal this week, the corporate revealed that attackers behind a ransomware assault in February stole paperwork containing personally identifiable data of 39,779 people.
“The investigation decided that data might have been accessed or acquired with out authorization on February 3, 2025,” Lee Enterprises revealed in information breach notifications despatched to affected people.
“The knowledge that would have been topic to unauthorized entry and/or acquisition contains first and final identify, in addition to Social Safety quantity.”
After the incident, Lee Enterprises newsrooms throughout america reported that the assault triggered a programs outage, forcing the writer to close down a lot of its networks and resulting in widespread printing and supply disruptions for dozens of newspapers.
BleepingComputer additionally discovered that the outage had triggered important points, together with company VPNs being down and misplaced entry to inner programs and cloud storage.
Per week later, the corporate submitted a submitting with the SEC disclosing that the hackers “encrypted important purposes and exfiltrated sure recordsdata,” revealing that it acquired hit by ransomware.
Breach claimed by Qilin ransomware
Whereas the corporate has but to attribute the assault to a selected operation, the Qilin ransomware gang claimed accountability in late February.
The ransomware gang claimed to have stolen 120,000 paperwork totaling 350 GB in dimension and threatened to launch all of them on March 5.
Qilin added Lee Enterprises to its darkish internet leak web site on February 28, sharing samples of information allegedly stolen from the corporate’s compromised programs, together with authorities ID scans, monetary spreadsheets, contracts/agreements, non-disclosure agreements, and different confidential recordsdata.
When BleepingComputer contacted Lee Enterprises to verify that the stolen information was respectable, a spokesperson mentioned the corporate was “conscious of the claims” and was “at the moment investigating them.”
Lee Enterprises’ community was additionally breached earlier than the 2020 U.S. presidential election when Iranian hackers gained entry to its programs as a part of a broader marketing campaign to unfold disinformation.
Guide patching is outdated. It is sluggish, error-prone, and difficult to scale.
Be a part of Kandji + Tines on June 4 to see why previous strategies fall quick. See real-world examples of how fashionable groups use automation to patch sooner, lower threat, keep compliant, and skip the advanced scripts.
