◆ SpookStack

2 = passing mention of NYTCO - * negative Silicon Alley News: NY Times Internal Network Hacked U= significant mention of NYTGO | _« = positive 3 =industy article = neutral AtNewYork Back to http://www.atnewyork.com/news/article/0,,8471_982161,00.htm] NY Times Internal Network Hacked By Ryan Naraine The New York Times on Wednesday confirmed a computer hacker broke into its internal network, accessing files and folders containing personal information of some of its biggest op-ed contributors, Acting on a whim, 21-year-old California hacker Adrian Lamo found seven misconfigured proxy servers that served as doorways between the Internet and the company’s private intranet. Once he got in, Lamo breached weaknesses in the password policies of the New York Times to expand his access to a database of op-ed contributors, which included social security numbers of people like former U.N weapons inspector Richard Butler, former Clinton aide ’ James Carville, radio personality Rush Limbaugh, Microsoft kingpin Bill Gates, and New York City mayor Mike Bloomberg. New York Times spokeswoman Christine Mohan confirmed the breach and said an active investigation was underway. "The New York Times Company takes the security of its network very seriously...We will take appropriate steps if necessary to ensure the security of our network,” she told atNewYork. Mohan said the company had not contacted Lamo or had not yet identified the source of the intrusion although it is widely known that the hacker immediately contacted the media company with the help of a journalist from SecurityFocus Online Web site, which first reported the story. It is the second time the Times has been the target of hackers. In 1998, a group known as “Hacking for Girlies" (HFG) defaced the company's flagship NYTimes.com site with profanities and racial rants which targeted reporter John Markoff, who authored "TakeDown," a book on the search for convicted hacker Kevin Mitnick. Although the latest breach happened behind the scenes, it highlights the potential security nightmares facing companies that do business on the Internet. : Lamo, who gained notoriety last year after breaching the systems of Yahoo!, Microsoft ISP WorldCom, said he was surprised at the ease in which he got access into the Times' database. http://www.atnewyork.com/news/print/0,,847 1_982161,00.html b6 -1 b7c -1 2/27/02 FBI(19-cv-1495)-1620