Lee Newspaper Breach Credited To Quilin Cybercrime Ring.
The Criminal Outfit Known As Ransomware -As-A-Service (RaaS) Promises That It Would Release The Stolen Data In Two Days, But Strangely, It Doesn't Demand A Ransom From It's Victim.
A Russian Speaking Cybercrime Organization called Quilin has taken credit for early February Cyber Attack that Affected Lee Enterprises' business activities. With publications in 72 areas, including the Buffalo News, Omaha World-Herald, and Richmond Times-Dispatch, Lee Enterprises is one of the biggest newspaper organizations in the United States. It described the cyber-attack, which resulted in an outage that severely damaged it's operations, in a report it submitted to the SEC last Month.
Lee Enterprises stated at the time of the filling that it was still looking into the data Breach, but that might take some time to finish the process. On their Tor leak site, Quilin, which usually uses a ransomware-As-A-Service (RaaS) model, is now alleging that 350GB of the company's data were stolen. According to the report, the information includes financial records, journalist payments and insider news strategies, additionally, the organization published spreadsheets, company records, and ID scans that they said we're evidence of the hack. As for Lee Enterprises, the company told cybersecurity Dive, " we are aware of the claims and are currently investigating them. "
The message on the group's leak website, which security affairs first reported, stated, " The documents we hold about Lee Enterprises reveal details worth nothing-investor records, financial arrangements that raise questions, payments to journalists and publishers, funding for tailored news stories, and approaches to obtaining insider information." They assert stronger reader ties, stability in the face of economic upheavals, and a leading position in digital marketing and content offerings by concentrating on local audiences.
However, the data we have discovered may provide an alternative viewpoint. There is no explicit reference to the organization requesting a ransom from Lee Enterprises on the leak site, despite the fact that it has been using a double extortion -based RaaS strategy since 2022. But it issued a warning: " watch this space-Lee Enterprises is aware of what's in Play."
