Newspaper publishing giant Lee Enterprises said an ongoing cyberattack is causing disruptions across its business, and is now in its third week of outages.
In a filing with the U.S. Securities and Exchange Commission, Lee said it was conducting a forensic analysis to determine if sensitive or personal data was stolen in the cyberattack.
“Preliminary investigations indicate that threat actors unlawfully accessed the Company’s network, encrypted critical applications, and exfiltrated certain files,” said Lee in its filing, describing the incident as a ransomware attack.
Lee said it anticipated the outages to last for several more weeks as the company restores affected systems. The company said it had notified law enforcement.
“The incident impacted the Company’s operations, including distribution of products, billing, collections, and vendor payments. Distribution of print publications across our portfolio of products experienced delays, and online operations were partially limited,” the company said in the filing.
Tracy Rouch, a spokesperson for Lee Enterprises, did not immediately return a request for comment on Tuesday.
Lee is one of the largest newspaper publishers in the United States, and provides publishing and website services to 72 publications across the country.
Lee notified affected media outlets on February 3 that one of its data centers that hosts applications and services used by Lee and its customers, including its services for paying subscribers, was “down,” according to an email sent by Lee CEO Kevin Mowbray that TechCrunch has seen.
Lee later said its customers were unable to log in or access key business applications.
Several Lee-owned publications continue to report disruption to their regular news-printing operations. The Winston-Salem Journal, covering North Carolina, said the disruptions prevented it from printing several editions, while two Lee-owned Oregon-based newspapers, Albany Democrat-Herald and Corvallis Gazette-Times, had similar issues preventing the publication of at least two editions until the weekend.
Other Lee publications display website messages that they are “currently undergoing maintenance on some services, which may temporarily affect access to subscription accounts and the E-edition.”
The Freedom of the Press Foundation has a running list of affected outlets.
Lee said that the incident is “reasonably likely” to have a material impact on the company’s financial results.
Do you know more about the cyberattack at Lee Enterprises? Contact Zack Whittaker securely on Signal and WhatsApp at +1 646-755-8849. You can also share documents securely with TechCrunch via SecureDrop.
