A ransomware group has claimed responsibility for a recent cyberattack on Lee Enterprises, a major American media company, disrupting operations across numerous local newspapers.
The attack, which surfaced in early February, affected critical business applications and hindered the distribution of both print and online publications. Lee Enterprises, which owns around 350 weekly and specialty publications across 25 states, confirmed that the attackers had encrypted files and extracted sensitive information from its systems, confirming it as a ransomware incident.
At least 75 newspapers across the United States reportedly faced disruptions due to the breach. On February 27, the Qilin ransomware group took responsibility for the attack through a post on its Tor-based leak site. This suggests that Lee Enterprises either refused to pay the ransom or that negotiations had reached a deadlock.
Nominations are open for Honouring Women in Cyberspace on International Women’s Day 2025- Nominate Now!
According to the hackers, they have exfiltrated 350GB of data from the company’s systems, including investor records, financial agreements, payments to journalists and publishers, funding details for specific news stories, and strategies for acquiring insider information.
The cybercriminals have set a deadline of March 5 to release the stolen data unless their ransom demands are met. To support their claims, they have published samples of the compromised data, including images of passports and driver’s licenses, corporate documents, and financial spreadsheets.
Qilin, a Russia-linked ransomware-as-a-service (RaaS) operation active since October 2022, has targeted various organizations worldwide. Previously, it was responsible for cyberattacks on London hospitals, causing widespread disruption to medical services, including cancellations of surgeries and appointments. The group has publicly listed approximately 300 victims on its leak site, though the actual number of organizations affected is likely much higher, as many entities choose to pay the ransom to prevent public exposure.