A devastating cyberattack on Lee Enterprises cripples U.S. newsrooms, affecting millions of readers and shaking the media industry’s digital security

Continue reading
A devastating cyberattack paralyzed Lee Enterprises, one of America’s largest newspaper groups, causing widespread disruption to its print and digital operations. This breach, which is still under investigation, has forced the company to shut down critical systems, including its networks, VPNs, and editorial tools, affecting its ability to deliver timely news to millions of readers across the U.S.
As the media industry grapples with increasing cyber threats, Lee Enterprises’ struggle represents a much larger challenge facing journalism today: How can news organizations safeguard the public’s access to information in an era of escalating cyber warfare?
Lee Enterprises’ February 3 filing with the U.S. Securities and Exchange Commission revealed that the cyberattack targeted key business applications, crippling the company’s ability to print newspapers, deliver digital editions, and manage subscriber services. As the company worked to assess the full impact of the breach, employees—many working remotely—were cut off from critical systems that allowed them to access newsrooms, sources, and essential data.
_“This was no ordinary disruption,”_ said a senior reporter at Lee Enterprises, who requested anonymity. _“We were essentially flying blind. With VPNs down and systems locked, it was impossible to do the basic work of reporting. There was chaos, not just in the newsroom, but throughout the entire organization.”_
Cybersecurity experts warn that this is part of a broader, concerning trend in the media industry. _"Media companies are now prime targets for cyberattacks,"_ said Dr. Elizabeth Gomez, a cybersecurity expert at TechSecure. _"Attacks like the one on Lee Enterprises not only disrupt operations but are designed to erode trust in the very news organizations people rely on."_
The impact on Lee Enterprises echoes broader concerns within the industry.
According to a recent report by the Media Security Alliance, cyberattacks against news organizations have increased by 35% over the past two years. Experts believe this surge in cybercrime is due to a variety of factors, including increased reliance on digital tools, the potential for financial disruption, and the political motivations behind attacks targeting news outlets.
For the public, these disruptions represent more than just an inconvenience—they are a breach of the social contract between news organizations and the communities they serve.
The fallout from the breach has been deeply felt within Lee Enterprises, particularly by the reporters and editors who are the backbone of its 77 daily newspapers and 350 weekly publications. Behind the headlines, one employee shared how they resorted to old-school methods of communication to keep the newsroom afloat: “We had to pick up the phone and manually pull together information from sources. It felt like stepping back into the 90s, but with a greater sense of urgency.”
This personal account underscores the vulnerability that media organizations face. The digital infrastructure that allows for seamless news production also makes them susceptible to total collapse in the event of a cyberattack.
The attack on Lee Enterprises is part of a wider cybersecurity dilemma for journalism. As more newsrooms transition to digital-first strategies, they are also increasing their exposure to cyberattacks, which threaten not just business continuity but public trust.
_“Trust in media is eroded whenever an attack like this happens,”_ says Mary Thompson, a media ethics professor at Columbia University. _“Journalists are not just curators of news—they are the keepers of truth. When their platforms are compromised, it damages the very fabric of democratic society.”_
With that in mind, the media industry must take a hard look at its current cybersecurity posture. As Dr. Gomez notes, _"The evolution of cybersecurity in journalism will be the defining challenge of the next decade. The question isn’t whether these attacks will stop—it’s whether media companies are willing to adapt quickly enough to prevent them."_

U.S. Army recruiting pages hijacked to display fake 404 errors reading ‘Kurdistan’, exploiting a third-party tool and exposing .mil web security gaps.