«
»

Lee Enterprises Has Apparently Been Pwned

It is being reported that newspapers across the country owned by the news media company Lee Enterprises, parent company of more than 70 daily newspapers and nearly 350 weekly and specialty publications in 25 states, were impacted by a cyberattack which made them unable to print newspapers and created problems with their websites.

Erich Kron, security awareness advocate at KnowBe4, commented:

“Although it isn’t officially announced, the symptoms of this attack have all of the signs of a significant ransomware event. Ransomware groups love to target organizations that are time sensitive, and media outlets absolutely fit that description, especially ones that produce a physical product.

Unfortunately, during these attacks cybercriminals very often steal any data they can find that may be useful to sell, or to use as leverage when paying a ransom. This is often going to include employee or customer information, and in the case of media outlets could include sensitive information such as confidential informants and other people who may want to remain anonymous.

Ransomware attacks are often very costly and don’t end with simply paying the ransom. The cybercriminals will often leave back doors in the network that need to be found and removed to ensure the attackers don’t simply reinfect the network, demanding yet another ransom payment. Hiring cybersecurity experts to find and remove back doors can be extremely costly, plus there is the cost of sales and advertising that would be halted while the systems are still down.

Because ransomware is most often spread by targeting employees with social engineering attacks, such as phishing, smishing, or even vishing, it’s critical that organizations not only have technical controls in place, but also have a robust human risk management program as well.”

I was hoping that things would be better in 2025, but given the number of attacks that I am reporting on, it honestly feels worse than 2024. Which means that this is going to be a very long year.

This entry was posted on February 10, 2025 at 3:09 pm and is filed under Commentary with tags . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “Lee Enterprises Has Apparently Been Pwned”

  1. Qilin ransomware gang claims responsibility for cyber attack on Lee Enterprises | The IT Nerd Says:
    February 27, 2025 at 3:23 pm

    […] group Qilin today claimed responsibility for the early February cyberattack on Lee Enterprises which disrupted many of the company’s 70-plus newspapers and other publications. Qilin […]

    Reply
  2. Lee Enterprises Discloses That Almost 40K People Have Had Their Information Stolen In A Ransomware Attack | The IT Nerd Says:
    June 4, 2025 at 12:49 pm

    […] Newspaper giant Lee Enterprises has reported that personal information belonging to 39,779 people was stolen in a February 2025 ransomware attack which you can read about here. […]

    Reply

Leave a Reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading