Dark Web Threat : Qilin Group Behind Lee Enterprises Breach

Qilin, a Russian-speaking cybercrime group known for double extortion is now threatening Lee Enterprises, saying that they’ll leak sensitive information, if they are not willing to pay ransom.

Why it matters

Lee Enterprises is a publicly traded company and one of the largest newspaper groups in the United States. Its portfolio includes popular publications like The Buffalo News, Omaha World-Herald, and the Richmond Times-Dispatch.

Details of the Attack

• When: As per the 8k filing, Lee Enterprises said it experienced a system outage on February 3, 2025.

• Impact: This cyberattack disrupted distribution of products, billing, collections, and vendor payments. Online and print distribution were minimal and were resolved by February 12, with only a few products still yet to be fully restored.

Qilin Announced We Did It 

Qilin, in a statement released on February 27, claimed to have stolen approximately 350 GB of data, including:

• Investor records
• Financial arrangements that raise questions, 
• Payments made to journalists and publishers
• Funding for tailored news stories
• Methods used to acquire insider information.

Due to the sensitive nature of the exfiltrated data ransom demand could be extraordinarily high and negotiations are likely underway as the deadline approaches. 

Security Alert

If you are a subscriber to Lee Enterprises’ print or digital services, be cautious of phishing emails or text messages.

Stay Safe Online !

Follow Cybersecurity88 on X and Linkedin for latest cybersecurity news