Lee Enterprises newspaper disruptions caused by ransomware attack

Lee newsrooms across the United States have reported that the cyberattack forced the newspaper publisher to shut down many of its networks, leading to widespread printing and delivery disruptions for dozens of newspapers. BleepingComputer also learned that the resulting outage caused chaos across the newspaper group, with reporters and editors unable to access their files because VPNs used to connect securely to the network stopped working. Newspaper publishing giant Lee Enterprises has confirmed that a ransomware attack is behind ongoing disruptions impacting the group's operations for over two weeks. As a local news provider and one of the largest newspaper groups in the United States, Lee publishes 77 daily newspapers and 350 weekly and specialty publications across 26 states. Five years ago, before the 2020 U.S. presidential election, the newspaper group was hit by another cyberattack when Iranian hackers breached its network as part of a broader campaign to spread disinformation. In response to the ongoing outage, Lee has also implemented temporary measures, such as manual transaction processing and alternative distribution channels, to maintain critical business functions while encrypted systems are restored. Distribution of print publications across our portfolio of products experienced delays, and online operations were partially limited," Lee Enterprises added. "The incident impacted the Company's operations, including distribution of products, billing, collections, and vendor payments. "As of February 12, 2025, all core products are being distributed in the normal cadence, however weekly and ancillary products have not been restored. The company first disclosed the breach in a 10-Q quarterly report filed with the SEC on February 7, four days after the ransomware attack was discovered. Lee is now investigating if the sensitive data or personally identifiable information (PII) was also exposed during the breach, but no conclusive evidence has been found.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 18 Feb 2025 12:40:14 +0000

Cyber News related to Lee Enterprises newspaper disruptions caused by ransomware attack

Lee Enterprises newspaper disruptions caused by ransomware attack - Lee newsrooms across the United States have reported that the cyberattack forced the newspaper publisher to shut down many of its networks, leading to widespread printing and delivery disruptions for dozens of newspapers. BleepingComputer also ...
3 days ago Bleepingcomputer.com

Lee Enterprises Says Ransomware Attack Compromises 'Critical' Systems - Lee’s incident response team, comprising internal IT personnel and external cybersecurity experts, isolated affected systems and initiated manual transaction processing to mitigate operational paralysis. Lee’s incident highlights the escalating ...
2 days ago Cybersecuritynews.com

Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com

The Week in Ransomware - Today's column brings you two weeks of information on the latest ransomware attacks and research after we skipped last week's article. BleepingComputer has learned that some of the BlackCat/ALPHV affiliates are not buying the explanation and have ...
1 year ago Bleepingcomputer.com

Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
1 year ago Helpnetsecurity.com

The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com

Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
1 year ago Feeds.fortinet.com

Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
1 year ago Unit42.paloaltonetworks.com

The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
1 year ago Bleepingcomputer.com

The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
1 year ago Bleepingcomputer.com

The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
1 year ago Bleepingcomputer.com

Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
11 months ago Bleepingcomputer.com

Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
11 months ago Feeds.fortinet.com

Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
1 year ago Malwarebytes.com

Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
1 year ago Securityboulevard.com

Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
1 year ago Bleepingcomputer.com

The Week in Ransomware - Attacks on hospitals continued this week, with ransomware operations disrupting patient care as they force organization to respond to cyberattacks. While many, like LockBit, claim to have policies in place to avoid encryping hospitals, we continue to ...
1 year ago Bleepingcomputer.com

Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
4 months ago Securelist.com

Ransomware's Impact May Include Heart Attacks, Strokes & PTSD - First-order harms: Direct targets of ransomware attacks. The increasing convergence of IT and OT leave physical infrastructures more vulnerable to ransomware, even though most ransomware operators lack the capability to directly compromise OT or ...
1 year ago Techrepublic.com

The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
9 months ago Bleepingcomputer.com

Ransomware Taskforce: Australia Leads International Effort Against Cyberattackstitle - In response to the devastating effects of ransomware around the world, a new international effort is being led by Australia to tackle the growing cyber threat. Announced in July 2018, Australia’s Prime Minister, Malcolm Turnbull, formed the ...
2 years ago Csoonline.com

Omdia: Standalone Security Products Outsell Cybersecurity Platforms - In its many briefings with cybersecurity vendors, one of the most consistent themes Omdia hears is why enterprises need cybersecurity platforms. Instead, vendors claim, enterprises could get better outcomes if they give up their multitude of ...
1 year ago Darkreading.com

VX-Underground malware collective framed by Phobos ransomware - A new Phobos ransomware variant frames the popular VX-Underground malware-sharing collective, indicating the group is behind attacks using the encryptor. Phobos launched in 2018 in what is believed to be a ransomware-as-a-service derived from the ...
1 year ago Bleepingcomputer.com

Best Ransomware Protection Practices for Midsize Organizations - Ransomware Protection has emerged as a crucial step in cybersecurity since ransomware attacks have become a major threat to businesses of all sizes, including midsize organizations. Ransomware attacks can be delivered via email attachments or links, ...
1 year ago Securityboulevard.com

Latest Cyber News

Google Chrome disables uBlock Origin for some in Manifest v3 rollout - 4 hours ago
CVE-2025-25282 - 4 hours ago
CVE-2025-1555 - 4 hours ago
Hackers drained $1.4 billion of cryptocurrency from Bybit exchange, CEO confirms | The Record from Recorded Future News - 5 hours ago
Auto-Generated Password Vulnerability In Sitevision Leaks Signing Key - 5 hours ago
CVE-2025-25604 - 6 hours ago
CVE-2025-25605 - 6 hours ago
CVE-2025-25767 - 6 hours ago
CVE-2025-25768 - 6 hours ago
CVE-2025-25769 - 6 hours ago
CVE-2025-25770 - 6 hours ago
CVE-2025-25772 - 6 hours ago
CVE-2020-19248 - 6 hours ago
SpyLend Android malware downloaded 100,000 times from Google Play - 6 hours ago
CVE-2025-25876 - 7 hours ago
CVE-2025-25877 - 7 hours ago
CVE-2025-25878 - 7 hours ago
CVE-2025-25765 - 7 hours ago
CVE-2025-25766 - 7 hours ago
CVE-2025-25875 - 7 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2025-25958 - 1 day ago
CVE-2025-25960 - 1 day ago
CVE-2024-54756 - 1 day ago
CVE-2024-7131 - 1 day ago
CVE-2025-22973 - 1 day ago
CVE-2025-25662 - 1 day ago
CVE-2025-25663 - 1 day ago
CVE-2025-25664 - 1 day ago
CVE-2025-25667 - 1 day ago
CVE-2025-25668 - 1 day ago
CVE-2025-25674 - 1 day ago
CVE-2025-25675 - 1 day ago
CVE-2025-25676 - 1 day ago
CVE-2025-25678 - 1 day ago
CVE-2025-25679 - 1 day ago
CVE-2025-25957 - 1 day ago
CVE-2025-27088 - 1 day ago
CVE-2025-27100 - 1 day ago
CVE-2025-1001 - 1 day ago
CVE-2024-13235 - 21 hours ago