As disruption from a suspected ransomware attack on newspaper publishing giant Lee Enterprises span into its second month, the cyberattack is also affecting payments to freelancers and contractors who work for the company, TechCrunch has learned.

The cyberattack on Lee Enterprises on February 3 sparked widescale outages and ongoing disruption at dozens of newspapers across the United States, including delays to print editions. Lee confirmed on February 18 that the hackers “encrypted critical applications” affecting the company’s operations, including its “distribution of products, billing, collections, and vendor payments.”

One contractor for a Lee-owned property, who asked not to be identified for fears of retaliation, told TechCrunch that as an outside vendor, they still have not been paid for their work a month after the cyberattack. 

The person told TechCrunch that Lee Enterprises said it was working on the issue, but that the person hasn’t heard anything from the company since mid-February. The person, who is owed thousands of dollars, said that the situation is causing anxiety and uncertainty.

“Lee Enterprises and its subsidiaries work with a diverse network of vendors to provide services for the company’s operations,” the person said. “This vendor network includes both businesses and individual freelance workers who are hired to perform a range of services including editorial content production,” they added.

The contractor said they have no estimated timeline for when they can expect the vendor payment system to be running again.

Salaried staff are unaffected, TechCrunch understands, although one system that Lee Enterprises employees use to file reimbursements for their expenses is still inaccessible, a person familiar with the matter told TechCrunch.

When asked about payments to vendors, freelancers, and contractors, Lee spokesperson Tracy Rouch could not confirm and would not comment beyond the company’s regulatory filing on February 18.

According to that filing, Lee said the cyberattack was “reasonably likely to have a material impact on the Company’s financial condition or results of operations.”

Qilin, a prolific ransomware gang known for disruptive cyberattacks, has since taken credit for the cyberattack at Lee Enterprises in a post on its dark web leak site, which it uses to extort victims into paying a ransom. 

Rouch said Lee Enterprises is “aware of the claims and are currently investigating them.”

Carly Page contributed reporting.

Do you know more about the cyberattack at Lee Enterprises? Contact Zack Whittaker securely on Signal and WhatsApp at +1 646-755-8849. You can also share documents securely with TechCrunch via SecureDrop.