Skip to content

Secure IT

Stay Secure. Stay Informed.

Primary Menu
  • Home
  • Sources
    • Krebs On Security
    • Security Week
    • The Hacker News
    • Schneier On Security
  • Home
  • Security Week
  • Ransomware Group Takes Credit for Lee Enterprises Attack
  • Security Week

Ransomware Group Takes Credit for Lee Enterprises Attack

Eduard Kovacs February 28, 2025
0

A ransomware gang has taken credit for the recent attack on Lee Enterprises, which caused disruptions at dozens of local newspapers.

The cyberattack came to light in early February, when the American media company, which owns roughly 350 weekly and specialty publications across 25 states, revealed that the incident had impacted business applications and resulted in operational disruptions. 

The attack reportedly impacted at least 75 newspapers across the US, including the distribution of print publications and online operations. 

The company later clarified that the attackers encrypted files and exfiltrated information from its systems, which indicated that it had been targeted in a ransomware attack.

On February 27, the Qilin ransomware group announced that it was behind the attack on Lee Enterprises in a post on its Tor-based leak website. This indicates that Lee Enterprises has refused to pay a ransom or negotiations have stalled. 

The hackers claimed to have obtained 350 Gb of files from Lee Enterprises systems, including “investor records, financial arrangements that raise questions, payments to journalists and publishers, funding for tailored news stories, and approaches to obtaining insider information”.

The cybercriminals are threatening to leak the stolen data on March 5 unless a ransom is paid. To demonstrate their claims, they have published samples of the stolen data, including screenshots of passport and driver’s license scans, corporate documents, and spreadsheets. 

Qilin is a Russia-linked ransomware-as-a-service that appears to have been around since October 2022. It has targeted a wide range of organizations, including London hospitals, which were forced to cancel operations and appointments due to the attack. 

Advertisement. Scroll to continue reading.

Qilin has to date published the names of roughly 300 victims on its leak website. The actual number of targeted organizations is likely significantly higher considering that many victims decide to pay a ransom — only those that refuse to pay up are named on leak sites. 

Related: Philadelphia Inquirer Hit by Cyberattack Causing Newspaper’s Largest Disruption in Decades

Related: Media Giant News Corp Discloses New Details of Data Breach

Related: New York Times Responds to Source Code Leak

About The Author

Eduard Kovacs

See author's posts

Original post here

Continue Reading

Previous: Vo1d Botnet Evolves as It Ensnares 1.6 Million Android TV Boxes
Next: In Other News: Krispy Kreme Breach Cost, Pwn2Own Berlin, Disney Hack Story

Trending Now

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation botnet.jpg 1

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

May 23, 2025
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs saas.jpg 2

CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs

May 23, 2025
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts prompt.jpg 3

GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts

May 23, 2025
Oops: DanaBot Malware Devs Infected Their Own PCs Oops: DanaBot Malware Devs Infected Their Own PCs 4

Oops: DanaBot Malware Devs Infected Their Own PCs

May 22, 2025
Oops: DanaBot Malware Devs Infected Their Own PCs danabot.png 5

Oops: DanaBot Malware Devs Infected Their Own PCs

May 22, 2025
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks chinese-hackers-attacking.jpg 6

Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks

May 22, 2025

Related Stories

Cybersecurity_News-SecurityWeek.jpg
  • Security Week

Insurance Firm Lemonade Says API Glitch Exposed Some Driver’s License Numbers

Ionut Arghire April 15, 2025 0
ransomware.jpeg
  • Security Week

Kidney Dialysis Services Provider DaVita Hit by Ransomware

Ionut Arghire April 15, 2025 0
Cybersecurity_News-SecurityWeek.jpg
  • Security Week

Conduent Says Names, Social Security Numbers Stolen in Cyberattack

Ionut Arghire April 15, 2025 0
Cybersecurity_News-SecurityWeek.jpg
  • Security Week

2.6 Million Impacted by Landmark Admin, Young Consulting Data Breaches

Ionut Arghire April 15, 2025 0
VC-Funding_China-tech.jpg
  • Security Week

China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games

Associated Press April 15, 2025 0
Satellite-Link-Cybersecurity.jpg
  • Security Week

Blockchain, Quantum, and IoT Firms Unite to Secure Satellite Communications Against Quantum Threats

Kevin Townsend April 15, 2025 0

Connect with Us

Social menu is not set. You need to create menu and assign it to Social Menu on Menu Settings.

Trending News

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation botnet.jpg 1
  • The Hacker News

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

May 23, 2025
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs saas.jpg 2
  • The Hacker News

CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs

May 23, 2025
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts prompt.jpg 3
  • The Hacker News

GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts

May 23, 2025
Oops: DanaBot Malware Devs Infected Their Own PCs Oops: DanaBot Malware Devs Infected Their Own PCs 4
  • Uncategorized

Oops: DanaBot Malware Devs Infected Their Own PCs

May 22, 2025
Oops: DanaBot Malware Devs Infected Their Own PCs danabot.png 5
  • Krebs On Security

Oops: DanaBot Malware Devs Infected Their Own PCs

May 22, 2025
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks chinese-hackers-attacking.jpg 6
  • The Hacker News

Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks

May 22, 2025
Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise exploitss.jpg 7
  • The Hacker News

Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise

May 22, 2025

You may have missed

botnet.jpg
  • The Hacker News

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

[email protected] The Hacker News May 23, 2025 0
saas.jpg
  • The Hacker News

CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs

[email protected] The Hacker News May 23, 2025 0
prompt.jpg
  • The Hacker News

GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts

[email protected] The Hacker News May 23, 2025 0
Oops: DanaBot Malware Devs Infected Their Own PCs
  • Uncategorized

Oops: DanaBot Malware Devs Infected Their Own PCs

Sean May 22, 2025 0
Copyright © 2025 All rights reserved. | MoreNews by AF themes.