Lee Enterprises, one of the largest newspaper publishers in the United States, is reeling from a devastating cyberattack that has crippled its operations for weeks. The company, which provides publishing and website services to 72 publications across the country, disclosed the incident in a filing with the U.S. Securities and Exchange Commission.

The cyberattack, which began several weeks ago, has resulted in the encryption of critical applications and the exfiltration of certain files, according to Lee Enterprises. The company is currently conducting a forensic analysis to determine if sensitive or personal data was stolen during the incident. Law enforcement has been notified, and an investigation is underway.

The attack has had a significant impact on Lee Enterprises' operations, causing disruptions to the distribution of print publications, billing, collections, and vendor payments. Online operations have also been partially limited, affecting the company's ability to provide services to its customers. Several Lee-owned publications have reported disruptions to their regular news-printing operations, with some unable to print editions for days.

The Winston-Salem Journal, covering North Carolina, was among the affected publications, unable to print several editions due to the disruptions. Similarly, two Lee-owned Oregon-based newspapers, Albany Democrat-Herald and Corvallis Gazette-Times, experienced issues preventing the publication of at least two editions until the weekend. Other Lee publications have displayed website messages indicating that they are "currently undergoing maintenance on some services, which may temporarily affect access to subscription accounts and the E-edition."

The Freedom of the Press Foundation has been tracking the affected outlets, providing a running list of those impacted by the cyberattack. The incident is expected to have a material impact on Lee Enterprises' financial results, according to the company's filing.

The cyberattack on Lee Enterprises serves as a stark reminder of the vulnerability of critical infrastructure to cyber threats. As the company struggles to recover from the incident, it remains to be seen how long it will take to restore affected systems and what measures will be taken to prevent similar attacks in the future.

Lee Enterprises did not immediately respond to a request for comment on the incident. The company's CEO, Kevin Mowbray, notified affected media outlets on February 3 that one of its data centers hosting applications and services used by Lee and its customers was "down."

As the investigation into the cyberattack continues, the incident serves as a wake-up call for organizations to prioritize cybersecurity and protect against the ever-evolving threat landscape. With the potential for significant financial and reputational damage, companies must remain vigilant in the face of cyber threats.