New York Times source code leaks online via 4chan

The Register (UK) ^ | 7 Jun 2024 | Jessica Lyons

[Salman]

A 4chan user has leaked 270GB of internal New York Times data, including what's said to be source code and other web assets, via the notorious image board.

According to the unnamed netizen, the information includes "basically all source code belonging to The New York Time Company," amounting to roughly 5,000 repositories and 3.6 million files now available for download from peer-to-peer networks. Details on how to get the files were shared by the poster on 4chan.

While The Register has seen what's said to be a list of files in the purported leak, we have not yet verified the legitimacy of the leak, and the newspaper did not respond to inquiries about the case.

Of the files listed - whose names indicate everything from the blueprints to Wordle to email marketing campaigns and ad reports - "less than 30" repositories are "encrypted," the 4channer said.

The Register will update this story if and when we receive a response from The Times. But if true, the theft could potentially cause a huge headache for the newspaper, given the list of stolen data. There's a lot of JavaScript and TypeScript in there, judging by the filenames, plus some personal information.

...

[ProtectOurFreedom]

All right!! How soon can hackers find and disable their paywall code?

[Salman]

Updated to add on June 10

The New York Times has confirmed the theft, saying an accidentally leaked credential was used to snatch its source code and assets from a third-party code hosting platform.

[Jonty30]

Find the journalist. You know they have one.

[ComputerGuy]

The NYT has zero intellectual property that would be of interest to any thinking person.

[z3n]

That smarts.



The NYT has friends in DC. While I suspect 4chan has outdone itself this time, I wouldn't be surprised if the gray lady leans into this one. You may be hearing more about this story down the road.

[Freeleesy]

Of course I’m no 4chan fan but hey, F#k liberal nySlimes.

[ProtectOurFreedom]

“an accidentally leaked credential”

That’s the cause of 90% of all “hacks.”

Fred should have changed his password from “abc123” a lot sooner. Using that for twenty years was not a good idea.

[Red Badger]

emails?..........................

[JSM_Liberty]

“All right!! How soon can hackers find and disable their paywall code?”

Changing the code would be easy.

Installing the updated code on the NYT servers without anyone noticing will be a little more difficult.

[bigbob]

Just redirect the paywall to Pornhub

[usurper]

The NYT has zero intellectual property that would be of interest to any thinking person.

That was my first thought.

[RckyRaCoCo]

All the news that fixed to print.

[Nervous Tick]

>> But if true, the theft could potentially cause a huge headache for the newspaper

Feel-Good Story of the Day!!!

[MeganC]

“The New York Times has confirmed the theft, saying an accidentally leaked credential was used to snatch its source code and assets from a third-party code hosting platform.”

GitHub?

[Billthedrill]

It’d be a shame if some villain hacked their online daily with Weekly World News stories.

[srmanuel]

Probably already have done it

[catnipman]

“The NYT has zero intellectual property that would be of interest to any thinking person.”

i was trying to figure out what good such source code would do for anyone ... maybe duplicate the NYT website for phishing purposes? ... wouldn’t even necessarily help to hack NYT again IF they tighten their security ... it’s possible that hackers installed backdoors, but that’s a separate issue from stealing useless source code ...

[New Perspective]

All right!! How soon can hackers find and disable their paywall code?

If you hit F9 or click on the little box in your browser on the top right that looks like a reader symbol, it is the toggle reader tool, you will skip the paywall.:)

[kiryandil]

My day just got better.