Publishing big Lee Enterprises is notifying practically 40,000 individuals whose private info was stolen in a February 2025 ransomware assault.
As one of many largest newspaper teams in america, Lee Enterprises publishes 77 day by day newspapers and 350 weekly and specialty publications throughout 26 states. The native information supplier’s newspapers have a day by day circulation of over 1.2 million, and a digital viewers reaching tens of tens of millions every month.
In a submitting with the Workplace of Maine’s Lawyer Normal this week, the corporate revealed that attackers behind a ransomware assault in February stole paperwork containing personally identifiable info of 39,779 people.
“The investigation decided that info could have been accessed or acquired with out authorization on February 3, 2025,” Lee Enterprises revealed in data breach notifications despatched to affected people.
“The knowledge that might have been topic to unauthorized entry and/or acquisition contains first and final title, in addition to Social Safety quantity.”
After the incident, Lee Enterprises newsrooms throughout america reported that the assault triggered a programs outage, forcing the writer to close down a lot of its networks and resulting in widespread printing and supply disruptions for dozens of newspapers.
BleepingComputer additionally realized that the outage had precipitated important points, together with company VPNs being down and misplaced entry to inner programs and cloud storage.
Per week later, the corporate submitted a submitting with the SEC disclosing that the hackers “encrypted vital purposes and exfiltrated sure information,” revealing that it acquired hit by ransomware.
Breach claimed by Qilin ransomware
Whereas the corporate has but to attribute the assault to a selected operation, the Qilin ransomware gang claimed accountability in late February.
The ransomware gang claimed to have stolen 120,000 paperwork totaling 350 GB in measurement and threatened to launch all of them on March 5.
Qilin added Lee Enterprises to its darkish net leak website on February 28, sharing samples of knowledge allegedly stolen from the corporate’s compromised programs, together with authorities ID scans, monetary spreadsheets, contracts/agreements, non-disclosure agreements, and different confidential information.
When BleepingComputer contacted Lee Enterprises to substantiate that the stolen knowledge was professional, a spokesperson mentioned the corporate was “conscious of the claims” and was “at present investigating them.”
Lee Enterprises’ community was additionally breached earlier than the 2020 U.S. presidential election when Iranian hackers gained entry to its programs as a part of a broader marketing campaign to unfold disinformation.
Guide patching is outdated. It is sluggish, error-prone, and difficult to scale.
Be part of Kandji + Tines on June 4 to see why outdated strategies fall brief. See real-world examples of how trendy groups use automation to patch sooner, lower danger, keep compliant, and skip the complicated scripts.
