New York Times Hacked?
First time accepted submitter porsche911 writes "It looks like the NYTimes have been hacked and a large number of subscribers spammed with messages about cancellation of their service. The phone system is overwhelmed as well. The Times is currently saying the email is a fake, but that raises other worries. They were one of the only 3rd parties that had the email in question so it appears either someone really screwed up or they've suffered a data breach."
Update: 12/28 21:59 GMT by S : Looks like it was just a mistake by an employee.
Well, they tried hacking the The New Yorker first (Score:5, Funny)
But then they found out that New Yorker readers were far too smug to lower themselves to reading email.
Re: (Score:2)
I got a call from a girl telling me that we can not see each other anymore, and I did not even have a girlfriend.
Re:Well, they tried hacking the The New Yorker fir (Score:5, Interesting)
Too true, and too funny. You forgot to mention that this is also a method to retain customers after their dismal and continual failure to retain a readership base.
Re:Well, they tried hacking the The New Yorker fir (Score:4, Funny)
I was happy I was unsubscribed, as I have never signed up for anything New York times related ever. So that information that I was unsubscribed had me thanking God.
Sadly, it now appears to be a hoax. I am now crushed in despair.
Re: (Score:1, Troll)
[neckbeard mode]
The term is "cracked" not "hacked". When will those stupid lusers ever learn the difference?
[neckbeard mode]
Re: (Score:3)
Can't be so sure of that... did people give up their account info to the man-in-the-middle thinking it would continue a subscription somebody else in the household seemed to have canceled?
Re: (Score:2)
What MIM attack do you refer to? The email gives a phone number to contact, not an email or web page. Unless they have found a way to proxy telephone calls, I don't think it's a MIM.
Re: (Score:3)
There are plenty of corrupt call centers in the world. They'll answer the phone and collect data based on the check clearing and not whether they've been hired by the legit management of the brand they answer the phone as. Some call centers are stupid enough to think they're doing the right thing when really they're supplying credit card numbers to the wrong people.
Re: (Score:2)
Nothing of value lost. He's dissing the NY times as no big loss if you don't get it anymore.
It's probably something schemed up by some agents in support of this draconian bill they are trying to pass.
Re: (Score:2)
We take NY Times articles about tech seriously around here. The dead tree edition may be falling apart and their info-wall turned pay-wall strategy might not be liked, but Slashdot would be worse off if the NY Times was to fail completely.
Re: (Score:2)
Interesting.
I am thinking it's a known left leaning publication and the Right wants SOPA jammed through because they want a foot in the door, to lay down foundations for more intrusive measures into the Internet. Frankly it's a thorn in their sides, they could have swept OWS under the rug if it wasn't for the Internet. I figure it's another cheesy black ops project run by some out of control spooks either from an alphabet agency or worse, some corporate cowboys that are completely off radar.
If they can dist
Seems the New York Times keeps a spam list (Score:5, Interesting)
Re: (Score:3)
I do not have a home delivery subscription, just one for the Crossword puzzles, and I received not one, but two spam emails. One to an old email address I used for the account and one for the current email.
As such, it appears that the list does include NY Times account holders of various types. Perhaps this was combined with other spam lists too.
Could be untargeted phishing (Score:4, Insightful)
It could also be that some con-artist somewhere is sending out phishing emails, designed to look like Times cancellation notices, and sent to large numbers of harvested email addresses. Since the set of NYT subscribers with an email address is a proper subset of the set of people with an email address, a lot of NYT subscribers would still be hit.
But "New York Times Hacked" makes for a better headline.
Re: (Score:2)
I'd say it's a mechanical turk implementation of a DDOS!
Spam a bunch of people pretending to be target. A certain percentage of people think e-mail is real and flood legitimate communication channels of said target. (???? / Profit)
Re:Could be untargeted phishing (Score:5, Insightful)
The bounce in the header of the message implies that it was triggered internally. It wouldn't have been used to launder the list, because the bounces would have gone back to NYT.
My guess is that it's not a DDOS, it's a fuckup.
Yup, it's a fuckup (Score:2)
"My guess is that it's not a DDOS, it's a fuckup."
Looks like you get the gold star. Good call. :)
Re: (Score:2)
That means that NYT might not have been compromised. The e-mail spammer just took advantage of NYT to ensnare recipients or intends to damage NYT.
Re: (Score:2)
I would agree, except for the fact that I received the message on a throw-away address I only gave the New York Times to use their app.
It seems clear to me then that their accounts list was compromised.
dZ.
Re: (Score:2)
Same here. They only have my e-mail address because I use to log in. BugMeNot's accounts don't always work.
NY Times Response (Score:5, Informative)
Re: (Score:1)
We’re working to coordinate a response
Good to know they're on top of things.
Re:NY Times Response (Score:4, Interesting)
They also need to get their DNS updated to also include a genuine SPF record and not rely entirely on the TXT record.
Re: (Score:2)
the largest adopters of SPF to date are spammers.
By what measure? Every large e-mail company publishes SPF records. Lots of small ones do too.
I'd be surprised if the vast majority of active e-mail accounts didn't have SPF records to check (excepting Yahoo, which is domainkeys-or-bust).
Print Subscribers Only (Score:4, Informative)
This appears to be a phishing attack aimed at getting NY Times readers to re-up their subscription with a phony contact given. Looks like their e-mail list got leaked.
Re: (Score:3)
Look at the headers and see if the SMTP connection really came from 208.70.142.0/23 or not.
Re:Print Subscribers Only (Score:4, Insightful)
Then how would you explain that I received the message on an e-mail address that I made specifically to use the NYT app and never have used for anything else?
That automatically rules out a third party. It was either sent in error, or their user accounts list was indeed compromised.
A possible third alternative is that they shared their accounts list with a partner that was then compromised. Either way it seems the list was compromised.
Re: (Score:2)
That's what I get for RFTAing... the e-mail clearly identifies it as a print subscription being canceled, but your report of it going out to app users shows a wider breach than I first thought.
Re: (Score:2)
What I can say is that the headers appear to indicate that the email is from the NYT servers. There are no fancy links in the email that would otherwise be used
Mod my own post down... (Score:2)
This post was written before the thread below it proved my theories wrong.
Used the unique address I gave to the NY Times (Score:5, Informative)
I got the email too, and it used the unique email address I gave to the NY Times, so either they were breached or some company they gave my data to was breached.
Joe Katz on twitter says the same thing:
"Joe Katz @joekatz 1h
@NYTPRGUY thing is, I got a "subscription cancelled" message sent to an email alias that only @NYTimes has for me. Was your list hacked?"
So remember folks when you outsource your IT and marketing and provide them your customer data, you are opening your customers up to their low security practices.
this will shed light (Score:3)
Indeed, this will probably force the NYT to shed light on who they share their subscribers' contact information with.
I can confirm the email being sent out. (Score:5, Informative)
Dear Home Delivery Subscriber, Our records indicate that you recently requested to cancel your home delivery subscription. Please keep in mind when your delivery service ends, you will no longer have unlimited access to NYTimes.com and our NYTimes apps. We do hope you’ll reconsider. As a valued Times reader we invite you to continue your current subscription at an exclusive rate of 50% off for 16 weeks. This is a limited-time offer and will no longer be valid once your current subscription ends.* Continue your subscription and you’ll keep your free, unlimited digital access, a benefit available only for our home delivery subscribers. You’ll receive unlimited access to NYTimes.com on any device, full access to our smartphone and iPad® apps, plus you can now share your unlimited access with a family member. To continue your subscription call 1-877-698-0025 and mention code [] (Monday–Friday, 8:30 a.m. to 8:30 p.m.; Saturday, 9 a.m. to 3 p.m. E.D.T.).
Doesn't look like they're trolling for information, but I have not tried the number.
Re: (Score:3)
"To continue your subscription call 1-877-698-0025 and mention code [] (Monday–Friday, 8:30 a.m. to 8:30 p.m.; Saturday, 9 a.m. to 3 p.m. E.D.T.).
Doesn't look like they're trolling for information, but I have not tried the number."
The phone number above asks you to send a fax to a different number. They're *definitely* trolling. Note that the real phone number is 1 800 NYTIMES.
Re: (Score:2)
Ooh, ooh, ooh... FAX?
I predict they will begin receiving sheets of black construction paper shortly...
Re: (Score:2)
"Ooh, ooh, ooh... FAX?
I predict they will begin receiving sheets of black construction paper shortly..."
I recommend full color Goatse.
Re: (Score:2)
Oh, man what a *great* idea, thanks!
Re: (Score:1)
208.70.142.121
It's from them or their marketing partner.
I'm putting my money on a marketing campaign gone wrong.
Re: (Score:3)
Back? Good. Epsilon does spam-for-hire for a number of companies; apparently the crack reporting staff at the NYT isn't intelligent or diligent enough to figure this out and report it to their own management. This is hardly the first incident involving them -- or rather, it's hardly the first widely-known incident involving them. Those of us
Re: (Score:2)
Post the email headers ... at least the one showing where the SMTP connection came from.
Re: (Score:2)
from: The New York Times nytimes@email.newyorktimes.com
reply-to: "\"no-reply\""
to: nonyerdamnbiznezz@somemaildrop.com
date: Wed, Dec 28, 2011 at 12:35 PM
subject: Important information regarding your subscription
mailed-by: email.newyorktimes.com
well-done walled garden (Score:1)
Re: (Score:2)
20 articles? I could use that allotment up in a day or two.
Re: (Score:2)
Their walled garden takes cash from people who can afford it AND (want to support the times OR are too stupid to clear cookies).
The rest of us can either not read it or read it for free.
I like it. This should be the funding model for the Internet. Kind of like the art patrons of the renaissance.
DNS Hack? (Score:4, Informative)
Re: (Score:2)
Or ... the hack could have actually been executed inside the NYT network. We know big businesses are incapable of completely securing their networks, so it is plausible. Or it could have been a staffer error. We'll never know because people at NYT are all too familiar with all the many ways of covering up bad stuff.
Re: (Score:1)
The NY times has been hacked before and is frequently a target for hackers, defacements etc and very likely invests a good sum of money in internal security. However, their mass emails are done by an external vendor, and that's just probably managed as
Turn off Javascript when going to nytimes.com (Score:1)
If you surf their site with Javascript turned off, you don't have to sign in at all.
Not surprising (Score:5, Interesting)
Re: (Score:2)
http://www.nytimes.com/2011/12/29/world/europe/despite-drop-in-borrowing-rates-italys-economic-travails-remain-acute.html?hp&gwh=EDDD7B35BB09C81DDA0899E0B59BC09C [nytimes.com]
changes to
http://www.nytimes.com/2011/12/29/world/europe/despite-drop-in-borrowing-rates-italys-economic-travails-remain-acute.html [nytimes.com]
Bam, all the free New York Times content you want.
Re: (Score:2)
Does it still work today?
I bookmarked it and tried a few NYT articles, but I keep getting its JS code in my Mozilla's SeaMonkey v2.0.14 web browser? :(
Copy of E-mail headers (Score:2)
Available here: https://gist.github.com/1529336 [github.com]
Received: from dmx1.bfi0.com (dmailer0121.dmx1.bfi0.com. [208.70.142.121]) by mx.google.com with ESMTP id v2si13633651ane.208.2011.12.28.10.17.18; Wed, 28 Dec 2011 10:17:18 -0800 (PST)
Interesting areas:
DKIM-Signature: v=1; a=rsa-sha1; d=email.newyorktimes.com; s=ei; c=simple/simple; DomainKey-Signature:
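The header check suggested upthread ("see if the SMTP connection really came from 208.70.142.0/23"), applied to the Received line quoted above. This is an added example, not part of any commenter's post: the sample message is constructed from the header lines posted in this thread, and the function names are illustrative. It reads the DKIM `d=` tag but does not verify the signature, since the quoted signature is truncated.

```python
import email
import ipaddress
import re
from email.utils import parseaddr

# Range named in the thread for the sender's outbound mail servers.
EXPECTED_NET = ipaddress.ip_network("208.70.142.0/23")

# Constructed sample: Received and DKIM-Signature are the lines quoted in this
# thread (the signature is truncated there, so it cannot be verified, only
# read); From is rebuilt from the header summary posted upthread.
RAW = (
    "Received: from dmx1.bfi0.com (dmailer0121.dmx1.bfi0.com. [208.70.142.121])"
    " by mx.google.com with ESMTP id v2si13633651ane.208.2011.12.28.10.17.18;"
    " Wed, 28 Dec 2011 10:17:18 -0800 (PST)\n"
    "DKIM-Signature: v=1; a=rsa-sha1; d=email.newyorktimes.com; s=ei;"
    " c=simple/simple;\n"
    "From: The New York Times <nytimes@email.newyorktimes.com>\n"
    "Subject: Important information regarding your subscription\n\nbody\n"
)

def connecting_ip(msg):
    """IP literal from the topmost Received header, the one stamped by the
    recipient's own MX. Headers below it were supplied by the sender."""
    hops = msg.get_all("Received") or []
    m = re.search(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]", hops[0]) if hops else None
    try:
        return ipaddress.ip_address(m.group(1)) if m else None
    except ValueError:
        return None

def dkim_domain(msg):
    """Signing domain (d= tag) of the first DKIM-Signature header, if any."""
    sig = msg.get("DKIM-Signature", "")
    tags = dict(
        (k.strip().lower(), v.strip())
        for k, v in (t.split("=", 1) for t in sig.split(";") if "=" in t)
    )
    return tags.get("d", "").lower() or None

def assess(raw):
    """Summarise where a message entered and whose domain signed it."""
    msg = email.message_from_string(raw)
    ip = connecting_ip(msg)
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    d = dkim_domain(msg)
    aligned = bool(d) and (from_dom == d or from_dom.endswith("." + d))
    return {"ip": ip, "in_range": ip is not None and ip in EXPECTED_NET,
            "from_domain": from_dom, "dkim_d": d, "aligned": aligned}

if __name__ == "__main__":
    print(assess(RAW))
```

An in-range result only shows the message left the sender's usual mail infrastructure; it does not by itself distinguish an internal mistake from misuse of that infrastructure.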
well-timed blow (Score:2)
A phishing scheme with great timing? (Score:2)
I received a similar message. For the past year, I've had a subsidized, free subscription to the website, and I've been notified that my access will be cut off (or greatly curtailed) if I don't upgrade to a regular digital subscription. I had thought that the subscription department was proposing a new offer-- half price for 16 weeks, rather than 99 cents for the first 8 weeks, then a regular rate afterwards.
All the names fit to print. (Score:2)
I was wondering about that e-mail (Score:1)
I got one today as well. Thought it was strange since I have an account on the web site, but I'm not actually a subscriber. Good to know that it's a mistake and that I'm not using that account for anything important. Hope they weren't hacked though.
Gmail's SPAM filter updates/adapts fast! (Score:4, Interesting)
So I got the email in my Gmail account, which is how I've signed up for home delivery of the NYT. I'll foolishly admit that I was fooled, and called the number in the email and got the recorded message saying that the line was busy (maybe that was the whole point, now they've got my number too).
Anyway, I didn't want to lose the delivery, so I marked the email as unread so that I could address it later and logged out of Gmail.
After about 20/30 minutes when this story broke on /. and other sties, I figured I'd log back into Gmail, check my email (what you don't compulsively check email?) and delete this spam. I couldn't find it in my inbox! I checked the trash thinking I may have deleted it, but it wasn't there. Then I thought to check the SPAM folder, and sure enough it was in there, still marked as unread.
Gmail updated the spam policy to classify this specific email as spam in about 20 minutes, whereas it had made it into my inbox before.
Upon reflection, it's not surprising, I'm sure a lot of users marked it as SPAM in the last 20 minutes, but still was interesting for me to note. Gmail's spam filter is usually pretty good, I NEVER even look in the spam folder (even for false positives) so this was an interesting experience. I wonder if I'd left it marked as "read" and not remarked it as "unread" if it would still have been moved out from my inbox to the spam list?
Re: (Score:1)
Second, having conducted extensive testing on Gmail's spam filter, I can only award it a C; both its false positive and false negative rates are unacceptably high, certainly not good enough to qualify for professional use. (However, let me note in passing that this mediocre performance is still much better than that of others competing in the same space;
Re: (Score:1)
Hey, watch it...it may be a little messy here, but its no stie !
-KI
Re: (Score:1)
I think that this is bigger news than the article itself. As a sysadmin, I consider the inbox of the mail server write-only. Altering the inbox in any other way except dropping messages in it should be done only by the user or with the user's consent.
Missing WHERE? (Score:1)
Sounds like someone forgot the WHERE clause when sending out the email.
NYT admits they screwed up (Score:4, Informative)
According to the linked article, an update from NYT indicates that they sent the email. It was supposed to go to 300 people; instead, it went to all 8M people with NYT accounts.
I got one too. (Score:2)
They're now claiming it was their error (Score:1)
I just got this:
Dear New York Times Reader,
You may have received an e-mail today from The New York Times with the subject line “Important information regarding your subscription."
This e-mail was sent by us in error. Please disregard the message. We apologize for any confusion this may have caused.
Sincerely,
The New York Times
"e-mail sent by us in error" (Score:1)
It looks like someone at the Times made a mistake.
I just received this from NYTimes:
"Dear New York Times Reader,
You may have received an e-mail today from The New York Times with the subject line “Important information regarding your subscription."
This e-mail was sent by us in error. Please disregard the message. We apologize for any confusion this may have caused.
Sincerely,
The New York Times"
Blame hacking by default (Score:3)
It's not unusual for this sort of thing to happen, unfortunately. Within the past year I've received at least two spammy emails from different companies which were followed in short time by a second email apologizing for the error. People make mistakes, and always have - so, when it involves electronic communication, I wonder why we're so prone to immediately blaming a hacker for it when a simpler explanation is readily available?
If someone were to hack the New York Times, I wouldn't think sending out cancellation notices would be high on their "to do" list - whether they were a kiddie hacker or of a more serious bent.
Re: (Score:2)
More likely is that they are just trying to coast off some media attention.
Hey I wanted the deal! Darn! (Score:2)
One of my first jobs was as a route driver for the NYT. It was a crappy job, the pay sucked, and it wore on my car something fierce. And I left a relative at home every night and didn't realize they were going insane, quite literally, with worry about me out driving the streets.
However, the job taught me a LOT about how to organize a delivery route for efficiency, I got to drive all over literally the richest neighborhood in my city, and for a period of time, I was proud to say I worked for The New York
New York Times, on Linux? (Score:1)
Darn! (Score:1)
I was hoping they replaced the articles with million-monkey random gibberish... at least then there would be the chance of some accuracy slipping in!