40,000 people’s data compromised in Lee Enterprises cyberattack

Lee Enterprises, a regional newspaper publisher, disclosed that approximately 40,000 individuals had their data compromised in a recent cybercrime incident. The data breach involved the theft of personal information, including first and last names, as well as social security numbers. While Lee Enterprises assured that there has been no evidence of misuse of the stolen data, they did not specifically mention whether newspaper subscribers were affected.

The compromised data primarily pertained to “certain employees” of the company. It was noted that Lee Enterprises has undergone job cuts in recent years, indicating a reduction in their workforce, but it remains unclear if customer or former employee data was part of the breach.

The security breach was detected on February 3, with unauthorized access to the data occurring two days prior. Following the discovery, the company conducted a thorough review with a third-party vendor and informed the affected individuals of the breach. Lee Enterprises promptly implemented security measures to prevent similar incidents in the future and notified the Federal Bureau of Investigation to assist in the investigation.

While CEO Kevin Mowbray publicly acknowledged the cyber-attack on February 7, the company refrained from explicitly attributing it to ransomware, labeling it as a “cybersecurity attack” instead. The incident led to disruptions in the production of print and digital journalism across various newspaper brands owned by Lee Enterprises. Despite the impact on their operations, the company assured that its brands are now operating normally.

The cyber-attack was later attributed to the Qilin group, although the company’s data is no longer accessible on their website. Lee Enterprises highlighted the anticipated financial repercussions of the breach but emphasized that they were covered by a comprehensive cyber insurance policy. With over 70 daily newspapers and nearly 350 weekly and special-interest publications nationwide, the company managed to restore its operations albeit experiencing varying levels of disruption across different publications.

Some publications resorted to reducing the number of sections in each issue temporarily, while others had to halt production altogether. The incident underscores the increasing threat posed by cybercriminals to organizations, regardless of their industry or size. Lee Enterprises’ response to the data breach exemplifies the necessary steps companies must take to safeguard sensitive information and mitigate risks associated with cyber threats. As cybercrime continues to evolve, companies must remain vigilant and proactive in enhancing their cybersecurity measures to protect both their assets and their customers’ data.