New York Times Leaked Source Code Sparks Security Concerns
A recent leak on the notorious image board 4chan has claimed to expose 270GB of internal New York Times data, including source code and various web assets. The anonymous user behind the leak alleges that the leaked information encompasses nearly 5,000 repositories and 3.6 million files, now circulating on peer-to-peer networks.
While The Register has gained access to a list of files supposedly included in the leak, the authenticity of the breach remains unverified as the newspaper has not responded to inquiries regarding the incident. The 4chan user stated that less than 30 repositories are encrypted, with file names suggesting a wide range of data such as blueprints, Wordle, email marketing campaigns, and ad reports.
In light of the potential severity of the situation, The Register is awaiting a response from The New York Times to provide further updates on the matter. If confirmed, the theft of such data could pose significant challenges for the newspaper, particularly considering the sensitive nature of the stolen information, which includes JavaScript, TypeScript, and possibly personal details.
This incident is reminiscent of past cybersecurity breaches targeting media organizations, such as the 2013 attacks by the Syrian Electronic Army that disrupted the operations of various news outlets, including The New York Times. Additionally, suspected Russian cyber-spies infiltrated email accounts of American news organizations in 2016, highlighting the ongoing threats faced by the media industry in the digital age.