Publishing big Lee Enterprises is notifying over 39,000 folks whose private data was stolen in a February 2025 ransomware assault.
As one of many largest newspaper teams in the US, Lee Enterprises publishes 77 every day newspapers and 350 weekly and specialty publications throughout 26 states. The native information supplier’s newspapers have a every day circulation of over 1.2 million, and a digital viewers reaching tens of thousands and thousands every month.
In a submitting with the Workplace of Maine’s Legal professional Common this week, the corporate revealed that attackers behind a ransomware assault in February stole paperwork containing personally identifiable data of 39,779 people.
“The investigation decided that data might have been accessed or acquired with out authorization on February 3, 2025,” Lee Enterprises revealed in knowledge breach notifications despatched to affected people.
“The knowledge that might have been topic to unauthorized entry and/or acquisition consists of first and final title, in addition to Social Safety quantity.”
After the incident, Lee Enterprises newsrooms throughout the US reported that the assault triggered a programs outage, forcing the writer to close down a lot of its networks and resulting in widespread printing and supply disruptions for dozens of newspapers.
BleepingComputer additionally discovered that the outage had precipitated important points, together with company VPNs being down and misplaced entry to inner programs and cloud storage.
Every week later, the corporate submitted a submitting with the SEC disclosing that the hackers “encrypted essential purposes and exfiltrated sure recordsdata,” revealing that it acquired hit by ransomware.
Breach claimed by Qilin ransomware
Whereas the corporate has but to attribute the assault to a particular operation, the Qilin ransomware gang claimed accountability in late February.
The ransomware gang claimed to have stolen 120,000 paperwork totaling 350 GB in measurement and threatened to launch all of them on March 5.
Qilin added Lee Enterprises to its darkish internet leak web site on February 28, sharing samples of information allegedly stolen from the corporate’s compromised programs, together with authorities ID scans, monetary spreadsheets, contracts/agreements, non-disclosure agreements, and different confidential recordsdata.
When BleepingComputer contacted Lee Enterprises to verify that the stolen knowledge was legit, a spokesperson mentioned the corporate was “conscious of the claims” and was “at the moment investigating them.”
Lee Enterprises’ community was additionally breached earlier than the 2020 U.S. presidential election when Iranian hackers gained entry to its programs as a part of a broader marketing campaign to unfold disinformation.
Guide patching is outdated. It is gradual, error-prone, and difficult to scale.
Be part of Kandji + Tines on June 4 to see why previous strategies fall brief. See real-world examples of how trendy groups use automation to patch quicker, lower danger, keep compliant, and skip the complicated scripts.
