Newsletter
The New York Times warned several of its freelance contributors about a recent data breach. The company contacted those who have worked with them in recent years about the situation. The attack could have compromised much of their personal information.
The data breach occurred following an attack on the New York Times‘ GitHub repositories. The hacker obtained source code which included personal data from multiple freelancers. The hacker then posted this data on 4chan, a popular imageboard where users are anonymous. The leak includes around 5,000 repositories and 3,6 million files.
A hacker got and exposed personal data of New York Times contributors
All the data was available for download in a 4chan post using P2P networks. Sensitive information stolen from freelancers includes full names, phone numbers, nationalities, bio info, postal addresses, websites, phone numbers, and even social media accounts. The exposed data even includes bits useful to obtain certifications of multiple types and specialized equipment, among other things.
It is noteworthy that there is no exact number for how many freelancers were affected by the New York Times data breach. In this regard, a company spokesperson said that “The New York Times recently communicated to some of our contributors regarding an incident that resulted in the exposure of some of their personal information.” The spokesperson adds “We send this note to freelance visual contributors who have done work for The Times in recent years. We don’t have indications the data exposure extended to full-time newsroom staff or other contributors.”
Hackers often target the freelancer segment for their attacks. They can use this kind of personal data to organize massive frauds or for potential illegal activities. Therefore, these types of situations can be quite dangerous for those affected. Sadly, this time, the New York Times was not up to par when it came to protecting the personal data of its collaborators.