Data Breach at Lee Enterprises Affects Nearly 40,000 Individuals

Lee Enterprises, one of the largest newspaper publishers in the U.S., has confirmed a significant data breach following a ransomware attack earlier this year. The breach compromised the personal information of nearly 40,000 individuals, primarily current and former employees.

The company disclosed in a letter filed with Maine’s attorney general that the cyberattack resulted in the theft of sensitive data, including Social Security numbers, belonging to 39,779 people. This confirmation follows a disruptive ransomware attack in February that paralyzed newspaper printing and affected operations across numerous U.S. media outlets.

The initial ransomware attack, which occurred in February, caused widespread disruption to over 70 publications that rely on Lee Enterprises for publishing technology and web services. The attack not only impacted newspaper printing but also delayed payments to freelancers and contractors, exacerbating the challenges faced by the media organization.

The ransomware gang Qilin, known for its destructive cyberattacks, has claimed responsibility for the breach.

Lee Enterprises has yet to release an official statement beyond the notification to the Maine attorney general, and a request for comment went unanswered prior to publication.

The incident underscores the increasing vulnerability of media organizations to cyberattacks, highlighting the critical need for robust cybersecurity measures to protect sensitive employee and customer data.

This breach serves as a stark reminder of the potential consequences of ransomware attacks, which can not only disrupt operations but also lead to significant data loss and reputational damage. Lee Enterprises now faces the challenge of mitigating the impact of the breach and restoring trust with its employees and stakeholders.