The personal information of 38,000 individuals, predominantly current and former employees, has been breached following a ‘highly sophisticated’ ransomware attack on US based media company Lee Enterprises.
The hacking, which brought widespread newspaper functions to a standstill for the company, underscored the growing vulnerability of media companies to cyberthreats.
The malware, which Lee Enterprises initially discovered on February 3, 2025, caused Lee Enterprises to halt essential systems, affecting the company’s distribution of print publications, online operations, billing, and vendor payments at 77 daily newspapers and hundreds of weekly and specialty publications across 26 states.
Core product distribution had largely been recovered as of Feb. 12, but Entegra’s investigation, completed this week, showed the extent of the data breach.
The attackers infiltrated Lee’s network without authorization and copied files with personal data, according to notifications the retailer filed with regulators, including the Maine Attorney General’s Office.
The leaked information is made up of people’s first and last names along with their Social Security number. The very sensitive nature of this data exposes us to increased loss exposure from identity theft and related fraudulent activity.
The Qilin ransomware group took credit for the attack in late February, saying it had spirited away about 350 gigabytes of data and would leak it unless a ransom payment was made.
Although the hackers posted some of the stolen data on their dark web leak site, such as scans of government IDs and corporate documents, it’s unknown if the entire dataset was eventually published. So far Lee Enterprises alerted they have “no evidence of the misuse, or attempted misuse, of any impacted information to date.”
As a result of the incident, Lee Enterprises is providing affected individuals with a free 12-month membership to IDX, which includes credit monitoring and identity protection services. The company has also hired third-party cyber experts to improve its defense, introduced more rigorous network monitoring, and is delivering added security training for staff.
The incident has also been costly, both in terms of financial loss and manpower hours, for Lee Enterprises, as it estimates $2 million spent in the recovery effort. This attack is a clear reminder about the complex and evolving risks related to cyber attack that companies across the globe are facing.
