A significant cyberattack has been disrupting the operations of Lee Enterprises, a major newspaper publishing company, for three weeks, resulting in ongoing outages.

According to a filing with the U.S. Securities and Exchange Commission, Lee Enterprises is currently conducting a thorough forensic analysis to determine the extent of the breach and whether any sensitive or personal data was compromised during the attack.

The company has revealed that preliminary investigations suggest unauthorized actors gained access to its network, encrypted critical applications, and extracted certain files, characterizing the incident as a ransomware attack, as stated in its filing.

Lee Enterprises anticipates that the outages will persist for several more weeks as the company works to restore the affected systems, and has notified law enforcement about the incident.

The cyberattack has significantly impacted the company’s operations, including the distribution of products, billing, collections, and vendor payments, with print publications facing delays and online operations experiencing limitations, as outlined in the filing.

Tracy Rouch, a spokesperson for Lee Enterprises, was unavailable for comment on Tuesday.

As one of the largest newspaper publishers in the United States, Lee Enterprises provides publishing and website services to 72 publications across the country.

The company informed affected media outlets on February 3 that one of its data centers was offline, affecting applications and services used by Lee and its customers, including services for paying subscribers, according to an email from Lee CEO Kevin Mowbray.

Subsequently, Lee reported that its customers were unable to log in or access key business applications.

Several newspapers owned by Lee continue to experience disruptions to their regular news-printing operations, with The Winston-Salem Journal in North Carolina stating that the disruptions prevented the printing of several editions, and two Oregon-based newspapers, Albany Democrat-Herald and Corvallis Gazette-Times, facing similar issues that halted the publication of at least two editions until the weekend.

Some Lee publications are displaying website messages indicating that they are undergoing maintenance, which may temporarily affect access to subscription accounts and the E-edition.

The Freedom of the Press Foundation is maintaining a list of affected outlets.

Lee Enterprises believes that the incident will likely have a significant impact on the company’s financial results.

Do you have more information about the cyberattack at Lee Enterprises? You can contact Zack Whittaker securely via Signal and WhatsApp at +1 646-755-8849, or share documents with TechCrunch through SecureDrop.