NY Times Suffers Major Data Breach: 270GB Leaked, Including Wordle and IT Docs

June 9, 2024
NY Times Suffers Major Data Breach: 270GB Leaked, Including Wordle and IT Docs
Tech
Tech
AI
AI
Cybersecurity
Cybersecurity

  • The New York Times Company experienced a major security breach in January 2024.

  • 270GB of internal data, including IT documentation, infrastructure tools, and the Wordle game, were leaked on 4chan.

  • The breach occurred through the company's GitHub repositories using an exposed GitHub token.

  • Attackers accessed fewer than 30 out of over 5,000 source code repositories.

  • The Times initially attributed the breach to a third-party code platform but later confirmed it was GitHub.

  • Despite the breach, the company's internal systems and operations remained unaffected.

  • This incident highlights the persistent challenges and risks associated with cybersecurity in the digital era.

  • The connection between this breach and a recent Disney hack remains unclear, and the identity of the threat actor is still unknown.

Summary based on 6 sources

Get a daily email with more Tech stories

Sources

New York Times code stolen and leaked on 4Chan — Wordle apparently included

Mashable • Jun 8, 2024

New York Times code stolen and leaked on 4Chan — Wordle apparently included
New York Times source code stolen using exposed GitHub token

BleepingComputer • Jun 8, 2024

New York Times source code stolen using exposed GitHub token
'New York Times source code' leaks online via 4chan

The Register • Jun 8, 2024

'New York Times source code' leaks online via 4chan
New York Times source code compromised via exposed GitHub token

Security Affairs • Jun 8, 2024

New York Times source code compromised via exposed GitHub token

More Stories