Qilin ransomware group claims a major cyber attack on Lee Enterprises
The infamous Qilin ransomware group has claimed responsibility for carrying out an attack on American newspaper publishing giant Lee Enterprises and stealing 350 gigabytes of confidential data.
Last month, the media giant said in a filing with the U.S. Securities and Exchange Commission that on February 3, it experienced a technology outage due to a cyber incident that caused operational disruptions.
Lee Enterprises immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident. It also took steps to recover from the incident, and assess the potential impact on its operations, financial condition, and internal controls.
In a separate filing with the SEC, the media giant said that the outage resulted from a ransomware attack where “threat actors unlawfully accessed the Company’s network, encrypted critical applications, and exfiltrated certain files.”
“The Company is actively conducting forensic analysis to determine whether sensitive data or personally identifiable information (PII) was compromised. At this time, no conclusive evidence has been identified, but the investigation remains ongoing,” reads the SEC filing.
“The incident impacted the Company’s operations, including distribution of products, billing, collections, and vendor payments. Distribution of print publications across our portfolio of products experienced delays, and online operations were partially limited,” the company added.
Recently, the Qilin ransomware group claimed responsibility for the ransomware attack on Lee Enterprises and listed it as a victim on its data leak site. The group claims to be in possession of 350GB of confidential data and has shared samples of the data as proof of its claim.
📢 Ransomware Alert:
— FalconFeeds.io (@FalconFeedsio) February 27, 2025
Lee Enterprices(https://t.co/UyKUqUZVrI), a leading provider of local news and information, based in USA, has fallen victim to Qilin Ransomware
🔍 Key Details:
🛡Threat Actor : Qilin
📅Published date : 27-02-2025
⚠️ Compromised Data : 350 GB pic.twitter.com/3eH3JYy0Sj
The sample data includes government ID scans, non-disclosure agreements, financial spreadsheets, contracts, agreements, and other confidential documents. Qilin said it gave the publishing giant a deadline of March 5 to pay a ransom and prevent the stolen data from being published online.
A spokesperson for Lee Enterprise has acknowledged the ransomware group’s claim in a statement shared with BleepingComputer. “We are aware of the claims and are currently investigating them,” they said.
Related Articles
Most Viewed
New rules, rising threats: why lean IT teams must rethink cyber-securitySponsored by CORO CYBER SECURITY
Don’t allow AI experiments to become quiet business risksSponsored by alice.io
The Expert View: Reducing cyber-risk across OT and critical infrastructureSponsored by Claroty
The Expert View: Transforming security through risk intelligenceSponsored by Obrela
Winston House, 3rd Floor, Units 306-309, 2-4 Dollis Park, London, N3 1HF
23-29 Hendon Lane, London, N3 1RT
020 8349 4363
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543