Lee Enterprises filed a new report with the SECIt confirmed suffering a ransomware attack and having files encryptedAs outage drags on, the investigation continues
The recent cyberattack on newspaper firm Lee Enterprises has turned out to be a ransomware attack, after all.
The company confirmed the news in a recent 8-K report filed with the US Securities and Exchange Commission (SEC), sharing more details about the attack, confirming that it was a ransomware strike.
“Preliminary investigations indicate that threat actors unlawfully accessed the company’s network, encrypted critical applications, and exfiltrated certain files,” it was said in the filing. “The company is actively conducting forensic analysis to determine whether sensitive data or personally identifiable information (PII) was compromised. At this time, no conclusive evidence has been identified, but the investigation remains ongoing.”
Advanced evasion techniques
The news comes roughly a week after it filed a 10-Q form with the SEC saying it suffered a cyberattack which forced it to pull parts of its IT infrastructure offline.
“On February 3, 2025, the company experienced a technology outage due to a cyber incident affecting certain business applications, resulting in an operational disruption,” it was said in the filing. “The company is actively investigating the incident, implementing recovery measures, and assessing the potential impact on its operations, financial condition, and internal controls.”
The incident impacted Lee’s operations, including distribution of products, billing, collections, and vendor payments, the company further stressed.
Distribution of print publications across its portfolio of products experienced delays, and online operations are partially limited. It still said that it now distributes all core products in “normal cadence”, although weekly and ancillary products have not yet been restored.
Some of the affected publications include the Winston-Salem Journal, Albany Democrat-Herald, Corvallis Gazette-Times, and others. A full list of affected outlets can be found on this link.
Via TechCrunch
You might also like
This new keylogger uses Microsoft PowerShell scripts to quietly steal sensitive information — here’s how to protect your dataWe’ve rounded up the best password managersTake a look at our guide to the best authenticator app
