The Standard-Examiner, Ogden, Utah’s local newspaper, said April 6 that “significant production difficulties” disrupted Monday and Tuesday newspaper printing, delaying delivery for readers in northern Utah.
The disruption preceded a May 2 claim by the Qilin ransomware group involving the Standard-Examiner, but the newspaper has not publicly confirmed ransomware, data theft or a connection between the claim and the April printing delays. The paper directed readers to its digital e-edition while it worked to restore normal production.
The Daily Herald in Provo, a sister outlet, posted a nearly identical notice the same day, saying its own Monday and Tuesday newspaper printing also was affected. The Daily Herald said it and the Standard-Examiner are owned by Ogden Newspapers and directed readers to its digital e-edition.
The public notices did not describe the April production problem as a cyberattack, ransomware event or security incident. They also did not say whether newsroom systems, printing systems, subscriber records or advertising systems were affected.
The Standard-Examiner did not respond to a request for comment by DysruptionHub’s deadline Monday. The newspaper has not publicly confirmed ransomware, data theft or a connection between the April printing disruption and the Qilin listing.
Qilin listed “STANDARD-EXAMINER” on its leak site May 2, nearly a month after the newspaper reported production problems. The listing identified the company as advertising and marketing and linked to the newspaper’s website.
The Standard-Examiner has previously confirmed a ransomware attack. In September 2022, the newspaper reported that ransomware damaged its computer network and delayed the Tuesday print edition until Wednesday. The outage also affected the Daily Herald, which the article said was printed at the Ogden plant.
In that 2022 incident, an Ogden Newspapers of Utah IT director said staff detected the intrusion after the network was compromised, that an infected email was the probable avenue and that the website and digital edition were not affected. The article did not identify a threat actor or describe a public ransomware leak-site claim.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
The episode follows other cyber-related disruptions in newspaper production and distribution. A December ransomware attack at Evergreen Printing Co. in Bellmawr, New Jersey, disrupted printing, subscriber fulfillment and mailing-list processing for customer publications, including The Retrospect. Lee Enterprises, one of the country’s largest newspaper chains, said a February 2025 cyberattack disrupted print distribution, billing, collections, vendor payments and online operations. Qilin later claimed responsibility, and Lee said the incident caused $10.5 million in cyber-related cash-flow losses.
The current unresolved questions are whether the April production delays were caused by a cyber incident, whether the Qilin claim refers to the same disruption, whether any data was accessed and whether any ransom demand was made. The newspaper’s public April notice described only production difficulties and a digital workaround.
As of the latest public notices found, the confirmed impact was disrupted print production and delivery, with digital editions available. No official source has confirmed ransomware, data theft, a threat actor or a connection between the April disruption and the later Qilin claim.
