---
title: "US publication house targeted by threat actors! | Phish Protection"
description: "US publication house targeted by threat actors!: One of the largest newspaper groups in the US- Lee Enterprises, faced the brunt of a cyberattack recently."
image: "https://phishprotection.com/og/blog/us-publication-house-targeted-by-threat-actors.png"
canonical: "https://phishprotection.com/blog/us-publication-house-targeted-by-threat-actors/"
---

Quick Answer

One of the largest newspaper groups in the US- Lee Enterprises, faced the \*\*brunt of a cyberattack\*\* recently. The newspaper giant, which has readership across 72 markets in 25 states, reported the

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fus-publication-house-targeted-by-threat-actors%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=US%20publication%20house%20targeted%20by%20threat%20actors!&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fus-publication-house-targeted-by-threat-actors%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fus-publication-house-targeted-by-threat-actors%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fus-publication-house-targeted-by-threat-actors%2F&title=US%20publication%20house%20targeted%20by%20threat%20actors! "Share on Reddit") [ ](mailto:?subject=US%20publication%20house%20targeted%20by%20threat%20actors!&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fus-publication-house-targeted-by-threat-actors%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2025/02/phishing-prevention-best-practices-2789.jpg) 

One of the largest newspaper groups in the US- Lee Enterprises, faced the **brunt of a cyberattack** recently. The newspaper giant, which has readership across 72 markets in 25 states, reported the unfortunate incident of a cyberattack on February 7, 2025\. The attack forced the media conglomerate to temporarily bring down its[IT infrastructure](https://www.gartner.com/en/infrastructure-and-it-operations-leaders/topics/it-infrastructure)offline.

Some of the major newspapers in this public publishing house include Omaha World-Herald, The Buffalo News, and **Richmond Times Dispatch**. Apart from these, Lee Enterprises also runs special publications and online services. In the last quarter itself, this media giant reported a revenue of[$145 million](https://investors.lee.net/news-releases/news-release-details/lee-enterprises-reports-first-quarter-results-0). 

### **The details of the attack!**

_The investigation is going on. As of now, the details of the attackers and the type of cyberattack have not yet been determined_. But the attack was severe, and that’s exactly why[Lee Enterprises](https://www.cybersecuritydive.com/news/lee-enterprises-cyberattack-disrupting/739790/)had to experience disruption in **newspaper printing** and distribution. The spokesperson of Lee Enterprise has been tightlipped and is in no mood to divulge any insider details. 

They have mentioned that such investigations require lots of time, energy, and patience. So, they have urged all the **stakeholders** to stay calm and wait until the investigation is over. 

Meanwhile, Erich Kron, Knowbe4’s security awareness advocate , has shared an **emailed statement** that clearly mentions that the cyberattack on Lee Enterprises is more likely to be a[ransomware attack](/resources/how-to-deal-with-ransomware-attacks). He believes that ransomware groups are increasingly attacking sensitive and critical infrastructures over the last decade. They do so to create a sense of panic and fear among common people. 

Lee Enterprises has filed a 10-Q form with the SEC or the[US Securities and Exchange Commission](https://apnews.com/article/climate-change-sec-disclosure-companies-emissions-risks-b5bb510f9167ef396ee2fbc5a02ba1cf), where it mentioned that the media giant had suffered a significant **data breach** that had impacted its daily business operations.

There was a technology outage on February 3, 2025, because of the threat attack. \_This cyberattack led to temporary **operational disruptions**. However, no Lee Enterprises claims that there has not been ‘any impact that is material’ so far. \_

Lee CEO Kevin Mowbay has[stated](https://techcrunch.com/2025/02/10/media-giant-lee-enterprises-confirms-cyberattack-as-news-outlets-report-ongoing-disruption/)that they are working to ‘fully restore our systems.’ There has not been any clarity around whether or not Lee Enterprises had a negotiation or conversation with the **threat actors**. 

![Phishing prevention best practices](https://media.mailhop.org/phishprotection/images/2025/02/phishing-prevention-best-practices-2789.jpg) 

St Louis Post Dispatch , one of the newspapers in this **publication house**, acknowledged the fact that the cyberattack had impacted the publication. Although Dispatch managed to publish the newspaper daily, the aftermath of the attack was quite evident, as most of the newspapers were smaller on different days after the[cyber incident](/phishing/volkswagen-data-breach-impacts-a-whopping-800k-ev-users). 

[Casper Star Tribune](https://trib.com/), another newspaper in Wyoming, acknowledged that the threat attack has affected the **regular printing of the pages**, leading to difficulties in the publishing process. They expect a temporary reduction in subscription accounts because of this sudden disruption.

An insider at Lee Enterprises revealed that because of the cyberattack on the publication house, some of the systems, like the[call center application](https://www.globenewswire.com/news-release/2024/10/01/2956424/28124/en/North-America-25-Bn-Call-Center-Platforms-Market-Trends-Competitive-Landscape-Forecasts-Opportunities-2023-2024-2029.html), a few of the **helpline numbers**, single sign-on systems for seamless access, and VPN for remote team members got affected.

_Another shocking fact is that this is not the first cyberattacking incident on Lee Enterprise_. The first attack took place in 2021 when a couple of[Iranian hackers](https://cyberscoop.com/iranian-hackers-are-going-after-critical-infrastructure-sector-passwords-agencies-caution/)attacked the content management system of the publication house. The attackers were trying to create a sense of panic by **spreading rumors** and misinformation about this threatening event .

### **Targeting media houses across the globe is gradually becoming a new normal!**

> “Spear phishing attacks are fundamentally different from bulk phishing campaigns. They’re hand-crafted to target specific individuals using information gathered from LinkedIn, company websites, and previous data breaches. Generic email filters trained on bulk spam patterns consistently fail to detect them - that’s why targeted protection matters.” - **Dan Calkin**, VP of Sales, DuoCircle

[Threat actors](/phishing/threat-actor-entices-eu-diplomats-with-fake-wine-tasting-invitation)around the world are increasingly focusing on media organizations as they have found them to be **lucrative targets**. This sector relies heavily on digital technologies and data. That’s exactly what makes it one of the best targets for cybercriminals.

![Phishing info](https://media.mailhop.org/phishprotection/images/2025/02/phishing-info.jpg) 

The first such instance of a cyberattack on a publishing house took place back in December 2022.[The Guardian](https://www.theguardian.com/media/2023/jan/11/guardian-confirms-it-was-hit-by-ransomware-attack), a popular UK newspaper, **experienced a ransomware attack**. The day-to-day operations were severely affected. Also, the attackers wiped off the personal data of the employees at The Guardian. 

Something similar happened with the[New York Times](https://therecord.media/new-york-times-data-breach-freelancers)as well. In June 2024, a cyber incident took place which exposed the personal data of some of the freelance visual contributors at the New York Times. _The personal data included sensitive details such as the victims’ **mailing addresses**, nationality, phone numbers, social security numbers, etc._

[Radio Geretsried](https://therecord.media/germany-cyberattack-radio-geretsried), a **German radio station**, was also targeted by threat actors back in September 2024\. The hackers allegedly had encrypted all the music files. So, the radio station was forced to broadcast music by leveraging emergency backups.

In June 2024, Kadokawa, a renowned Japanese media company known for its video games, manga, and anime, fell victim to a **ransomware attack** orchestrated by the[BlackSuit gang](https://www.aha.org/news/headline/2024-08-08-agencies-issue-update-blacksuit-ransomware-group). This cyberattack significantly disrupted Kadokawa’s daily business operations. 

The incident highlights the growing need for robust cybersecurity measures, including[phishing protection](/), as phishing remains a common entry point for ransomware attacks. _Implementing advanced **email security solutions**, employee awareness training, and multi-factor authentication can help organizations defend against such threats._

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"US publication house targeted by threat actors!","description":"US publication house targeted by threat actors!: One of the largest newspaper groups in the US- Lee Enterprises, faced the brunt of a cyberattack recently.","url":"https://phishprotection.com/blog/us-publication-house-targeted-by-threat-actors/","datePublished":"2025-02-12T09:55:10.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2025-02-12T09:55:10.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/us-publication-house-targeted-by-threat-actors/"},"articleSection":"foundational","keywords":"Phishing","wordCount":906,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2025/02/phishing-prevention-best-practices-2789.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"US publication house targeted by threat actors!","item":"https://phishprotection.com/blog/us-publication-house-targeted-by-threat-actors/"}]}
```