New York Times warns freelancer journalists their data may have been stolen in cyberattack

News
By published

4chan data incident leaked more than Wordle blueprints

Wordle on New York Times
(Image credit: ShutterStock)

The New York Times has warned a number of its freelance associates that their data may have been stolen in a recent attack on its GitHub repositories.

News recently broke of a hacker posting source code belonging to the New York Times Company on the anonymous imageboard, 4chan. 

The archive contained some 5,000 repositories, and 3.6 million files, which were made available for download via peer-to-peer networks. Among the files were Wordle blueprints, email marketing campaign information, ad reports, and more.

Phishing with job ads

At this time, we don’t know how many freelancers are affected by the breach, but we do know that the hackers stole their full names, together with a combination of either phone numbers, email addresses, postal addresses, nationality, biographies, website URLs, and social media handles.

In some cases, the attackers also obtained information relevant to different assignments, such as diving or drone certifications, or access to specialized equipment.

"The New York Times recently communicated to some of our contributors regarding an incident that resulted in the exposure of some of their personal information," a Times spokesperson told BleepingComputer. "We sent this note to freelance visual contributors that have done work for The Times in recent years. We don’t have indications the data exposure extended to full-time newsroom staff or other contributors."

Cybercriminals could make good use of such data, to mount highly disruptive phishing attacks. For example, North Korean state-sponsored hackers, Lazarus Group, were seen  making fake job ads and distributing infostealers masqueraded as job requirement documents. One of these attacks resulted in the theft of more than half a billion dollars from a cryptocurrency company.

Freelancers are always looking for new job opportunities, which could make them more susceptible to phishing emails, compared to the average consumer. Especially if the new gig seemingly comes from the New York Times.

More from TechRadar Pro

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Security padlock and circuit board to protect data
Foh&Boh data leak leaves millions of CVs exposed - KFS, Taco Bell, Nordstrom applicants at risk
Security padlock and circuit board to protect data
A major US TV broadcaster leaked over a million sensitive files online
A graphic showing someone on a tablet working through a supply chain.
Security issue in open source software leaves businesses concerned for systems
Red padlock open on electric circuits network dark red background
Newspaper printing across US hit after Lee Enterprises says “cybersecurity event” disrupted operations
Someone holding a passport with two boarding passes inside it
Top digital loan firm security slip-up puts data of 36 million users at risk
How to prevent cyberattacks
NTT admits hackers accessed details of almost 18,000 corporate customers in cyberattack
Latest in Security
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Latest in News
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
Zotac Gaming RTX 5090 Graphics Card
Nvidia Blackwell stock woes are compounded by price hikes as more RTX 5090 GPUs soar in pricing, and I’m sick and tired of it all at this point
A collage of Elizabeth Olsen's Scarlet Witch and Tatiana Maslany's She-Hulk
Marvel fans are already tired of Doomsday and Secret Wars cast gossip as two more superheroes get linked with roles in the next two Avengers movies
Four operators survey Verdansk. One holds a sniper rifle, one binoculars, another holds is landing with their parachute, while the last wears a skull mask
New Call of Duty: Warzone trailer shows a beautiful rebuilt Verdansk, but some fans want more: 'it won't be the same unfortunately'
An Apple Music pink/pixellated poster advertising DJ with Apple Music
DJ with Apple Music lands, allowing subscribers to build and mix DJ sets directly from its +100 million-song catalog
The Meta Quest 3 and controllers on their charging station which is itself on a wooden desk next to a lamp
Forget Android XR, I've got my eyes on Vivo's new Meta Quest 3 competitor as it could be the most important VR headset of 2025
More about security
cybersecurity

Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak

A major Keenetic router data leak could put a million households at risk
Monster Hunter Wilds

Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
See more latest
Most Popular
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Sony WF-C710N in blue glass on beige background
Sony WF-C710 earbuds land, and I think they'll be the 2025 budget buds to beat
The RIG M2 Streamstar attached to a boom arm.
The RIG M2 Streamstar is a new microphone with the world's first Bluetooth audio gateway in a wired gaming mic
Four operators survey Verdansk. One holds a sniper rifle, one binoculars, another holds is landing with their parachute, while the last wears a skull mask
New Call of Duty: Warzone trailer shows a beautiful rebuilt Verdansk, but some fans want more: 'it won't be the same unfortunately'
Data leak
A major Keenetic router data leak could put a million households at risk
A collage of Elizabeth Olsen's Scarlet Witch and Tatiana Maslany's She-Hulk
Marvel fans are already tired of Doomsday and Secret Wars cast gossip as two more superheroes get linked with roles in the next two Avengers movies
Quordle on a smartphone held in a hand
Quordle hints and answers for Wednesday, March 26 (game #1157)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Wednesday, March 26 (game #388)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Wednesday, March 26 (game #654)