◆ SpookStack

e @ fictitious name Eric Yee. (d) New York Times server logs reflect that on February .20, 2002 at 9:30 p.m. EST the intruder logged on using the newly created Eric Yee superuser account and then proceeded to add a record to a New York Times administrative database under the name “Adrian Lamo.” (ea) New York Times server logs reflect that on February 20, 2002, at 10:41 p.m. EST the intruder, still logged into the Eric Yee superuser account, added a record for “Adrian Lamo” to the New York Times Op-Ed database, a database of biographical and other personal information regarding contributors to the Op-Ed ‘page. : 9. A representative of the New York Times had advised me that the New York Times has spent in excess of $25,000 confirming, assessing, and repairing the damage caused by the computer intrusion described herein. 10. In or about early June 2002, I spoke with a representative of LexisNexis (the “LexisNexis Representative”) on a number of occasions. The LexisNexis Representative advised me that five userids/passwords under the New York Times’ account with LexisNexis had been used to conduct more than 3,000 searches over a period of three months. The five userids were TOOMANYSECRETS, PROTAGONIST, LOCUST, VAISHNAV and NU1UJB. The LexisNexis representative also advised me that during the month of February 2002, the searches conducted by these five userids/passwords ‘represented approximately 18% of all searches performed under the New York Times account. The LexisNexis Representative advised me that he had communicated with the New York Times about the activity under the compromised userids/passwords and confirmed that the userids/passwords were created using the fictitious Eric Yee user account. The LexisNexis Representative advised me that these userids/passwords had been used to access LexisNexis services from, among other places, IP addresses associated with two Kinko’s locations, one in Oxnard, California and one in Sacramento Valley, California.*® The LexisNexis Representative further advised me that the charges incurred through the use of the five compromised userids/passwords amounted to approximately $300,000. , In a number of articles published by reporters who have interviewed LAMO, it is reported that LAMO carried out many of his computer intrusions from his laptop at a Kinko’s location. -7- FBI(19-cv-1495)-233