Skip to main content
close search
site logo
Dive Brief

Lee Enterprises says cyberattack will likely have material impact

The newspaper chain said attackers encrypted critical applications and impacted billing, payments and print distribution.

Published Feb. 18, 2025
David Jones's headshot
Reporter
The red lock and its structure explode in a digital computer setting.
TU IS via Getty Images

Lee Enterprises, a major U.S. newspaper chain, said an internal investigation indicates hackers encrypted critical applications and exfiltrated certain data in a Feb. 3 cyberattack that it now expects will have a material impact on its financial condition, according to a securities filing.

While the company did not use the term “ransomware” in the 8-K filing with the Securities and Exchange Commission, the description of the incident contains the essential elements of such attacks. Company officials notified law enforcement and will notify all relevant federal and state agencies and consumer protection authorities. 

The company is still investigating whether sensitive data or personally identifiable information was compromised.

Lee Enterprises, which operates in 72 markets in 25 states across the country, said the attack delayed distribution of its print publications and affected billing, collections and vendor payments. The company’s online operations were partially limited as well. 

The company is the publisher of major regional newspapers, including the Omaha World-Herald, the Buffalo News and the St. Louis Post Dispatch. 

The company said distribution of all of its print publications was back to a normal cadence as of Feb. 12. However, weekly and ancillary products, which represent 5% of its total revenue, had not yet been restored. 

The financial fallout highlights the need for businesses to properly drill for potential attacks and the related effects on operations, according to Katell Thielemann, VP distinguished analyst at Gartner. 

“Most of the time, material impact is felt when business operations are impacted — not when back-office systems are,” Thielemann told Cybersecurity Dive via email. “It is imperative for organizations to have — and exercise — return to manual or disconnected operations if necessary. An incident response plan on a shelf is not usually helpful.”

Lee Enterprises is manually processing transactions and using alternative distribution methods as a temporary fix to maintain critical business functions, according to the filing.

The company has a comprehensive cyber insurance policy, including coverage for incident response, forensic investigation, regulatory fines and business interruption, according to the filing. The policy is subject to deductions and policy limitations. 

Filed Under: Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
Invary’s Mission to Ensure the Confidentiality and Security of Systems at Runtime Accelerates …
From Invary
February 03, 2025
Whalebone Secures €13.35M in Funding to Accelerate Global Growth and Innovation
From Whalebone
February 18, 2025
Cobalt Iron Compass® Named a DCIG TOP 5 Enterprise VMware Backup Solution for 2025-26
From Cobalt Iron
February 05, 2025
Whalebone Strengthens APAC Cybersecurity with New Major Telco Partners
From Whalebone
February 11, 2025
Editors' picks
Latest in Cyberattacks
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.