Lee Enterprises Ransomware Attack Exposes Personal Data of Nearly 40,000 People

Lee Enterprises, one of the biggest newspaper companies in the U.S., is informing more than 39,000 people that their personal data was stolen in a ransomware attack that happened in February 2025.

The company owns 77 daily newspapers and more than 350 weekly and specialty publications across 26 states. It has a daily print readership of over 1.2 million and a large digital audience in the millions.

In a recent filing with the Maine Attorney General’s Office, Lee Enterprises said hackers accessed documents containing sensitive information of 39,779 individuals. The stolen data includes names and Social Security numbers.

According to the company, the cyberattack took place on February 3, 2025, and caused major disruptions. Newsrooms across the country experienced system shutdowns, which delayed newspaper printing and delivery. Employees also lost access to internal tools, cloud storage, and corporate VPNs.

A week after the attack, Lee Enterprises told the U.S. Securities and Exchange Commission (SEC) that the hackers had encrypted critical systems and stolen files. It was later revealed that a ransomware group called Qilin claimed responsibility.

Qilin said it had taken around 120,000 documents totaling 350 GB, including government ID scans, financial records, contracts, and other private files. The group threatened to leak the data on March 5 and posted some samples on its dark web site on February 28.

When asked about the stolen files, Lee Enterprises said it was aware of the claims and still investigating the matter.

This isn’t the first time the company has been targeted. In 2020, Iranian hackers reportedly breached Lee Enterprises’ systems before the U.S. presidential election as part of a disinformation campaign.

Lee Enterprises is continuing to investigate the latest breach and is contacting affected individuals.