Newspaper Giant Lee Enterprises Reels From Cyberattack

On Friday, Feb. 3, Lee Enterprises, one of the largest newspaper groups in the US, with newspapers in 72 markets, filed a report with the SEC detailing a cyberattack that impacted its operations after causing an outage.
Lee Enterprises is a public publishing company that also offers online services and special publications. Some of the newspapers include The Buffalo News, Omaha World-Herald, and Richmond Times-Dispatch.
The company is still investigating the data breach incident and determining the potential impact on its operations. It has not yet identified "any impact that is material," but that could change as the investigation continues.
"These types of investigations are complex and time-consuming, with many taking several weeks or longer to complete," said a Lee Enterprises spokesperson. "We have notified law enforcement of the situation."
It's unclear what kind of cyberattack hit the newspaper company, who the threat actors are, and if any data was stolen; however, some of the Lee Enterprises newsrooms reported the cyberattack forced the company to shut down networks, which led to disruptions in newspaper printing and delivery.
"Although it isn't officially announced, the symptoms of this attack have all of the signs of a significant ransomware event," said Erich Kron, security awareness advocate at KnowBe4, in an emailed statement to Dark Reading. "Ransomware groups love to target organizations that are time sensitive, and media outlets absolutely fit that description, especially ones that produce a physical product.
As of now, multiple publication websites contain notices reading: "We are currently undergoing maintenance on some services, which may temporarily affect access to subscription accounts and the E-edition. We apologize for any inconvenience and appreciate your patience as we work to resolve the issues."
Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores
Sky ECC encrypted service distributors arrested in Spain, Netherlands
CVE-2024-20439 Cisco Smart Licensing Utility Static Credential Vulnerability
CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2019-9874 Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability
CVE-2019-9875 Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability
CVE-2025-30154 reviewdog/action-setup GitHub Action Embedded Malicious Code Vulnerability
CVE-2025-1316 Edimax IC-7100 IP Camera OS Command Injection Vulnerability
CVE-2024-48248 NAKIVO Backup and Replication Absolute Path Traversal Vulnerability
CVE-2017-12637 SAP NetWeaver Directory Traversal Vulnerability
CVE-2025-24472 Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
InformationalInformation Disclosure - Suspicious Comments
InformationalRe-examine Cache-control Directives
HighCWE-640 Weak Password Recovery Mechanism for Forgotten Password
HighCWE-770 Allocation of Resources Without Limits or Throttling
CWE-344 Use of Invariant Value in Dynamically Changing Context
CWE-45 Path Equivalence: 'file...name' (Multiple Internal Dot)
MediumCWE-1022 Use of Web Link to Untrusted Target with window.opener Access
CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')
Free online web security scanner