Reporters' phone records hacked in HP hunt
Published: 08 Sep 2006 08:45 BST
The personal telephone records of two CNET News.com reporters were accessed by a contractor hired by HP to uncover the source of boardroom leaks to the media, according to the California attorney general's office.
The investigation conducted by a company hired by HP used a controversial technique called "pretexting" to obtain the personal phone records of reporters Dawn Kawamoto and Tom Krazit, of ZDNET UK's sister site, CNET News.com, state prosecutors said. Pretexting is a sometimes-illegal method of obtaining personal records through misrepresentation of someone's identity.
Kawamoto and Krazit co-wrote a 23 January article outlining a private, long-term strategy session held by HP's board of directors. The article, which quoted an unnamed source at length, prompted HP chairman Patricia Dunn to authorise an investigation into HP's board to determine the identity of the story's source.
Kawamoto and Krazit were apparently not the only reporters targeted by HP's investigators. The personal phone records of nine journalists, including a reporter from The Wall Street Journal, were accessed, HP spokesman Mike Moeller said late on Thursday afternoon. He declined to comment on the timeframe over which the incidents took place or any of the organisations other than the Journal and CNET News.com.
The Journal reported on its Web site that reporter Pui-Wing Tam was targeted. Among other HP stories, Tam wrote in January 2005 about the board's unhappiness with ex-chief executive Carly Fiorina.
The California attorney general's office on Tuesday first alerted reporters at News.com and possibly elsewhere that their private phone records may have been accessed. On Wednesday night, attorneys for HP supplied to the attorney general's office a partial list of reporters' names whose phone records may have been compromised, a prosecutor said.
On Thursday, an investigator with the attorney general's office contacted Kawamoto and said AT&T confirmed that her records had, indeed, been accessed. Kawamoto said she never authorised her home phone records to be shared with anyone, and she noted her home phone number is under her husband's name, not her own. Krazit was notified later on Thursday that a similar breach had occurred with his mobile phone account.
The attorney general's office said HP's attorney is asking for permission to contact reporters whose records were apparently accessed.
"HP is dismayed that the phone records of journalists were accessed without their knowledge and we are fully co-operating with the attorney general in his investigation," HP's Moeller said.
In a filing on Wednesday with the Securities and Exchange Commission, HP acknowledged that the pretexting technique was used to obtain the personal records of board member Tom Perkins.
The SEC filing also said that in conjunction with the leak investigation, longtime board member George Keyworth will not be nominated to another term on the board. At a board meeting in May, Dunn presented the results of the investigation and revealed that Keyworth was the source of the leaks, which he acknowledged, according to the filing. Keyworth was asked by the board to resign at that meeting but refused, leading to the board's decision.
The filing made no mention of reporters' personal records.
AT&T confirmed to Perkins that someone had used two different Yahoo email addresses to gain entry to his records, according to documents made public on Wednesday. The person who gained access to Perkins' records created an online account with Perkins' telephone number and the last four digits of his Social Security number. It's unclear how they obtained his Social Security number.
Whoever gained access to the records only looked at Perkins' January bill, the month the News.com article that angered Dunn was published. Perkins resigned from the HP board in May to protest the internal investigation and the way it was handled.
"I resigned solely to protest the questionable ethics and the dubious legality of the chairman's methods," Perkins wrote in a letter to the board of directors.
In Kawamoto's case, AT&T said that on 30 January, someone used the last four digits of her husband's Social Security number to establish an online account, and provided the email address red@yahoo.com.
"As was the case with the Perkins account," AT&T general attorney Travis Dodd wrote in an email to the attorney general's office, "the IP address associated with the browser of the person who established the account was 68.99.17.80. As was also the case with the Perkins account, this appears to have been the only date of access to the account."
Details regarding Krazit's phone records were not immediately available.
Given the recent increase in the Federal Government's attempts to discover the identity of confidential sources, it's not all that shocking that corporations would feel "empowered" to try the same kind of techniques, said Christine Tatum, president of the Society of Professional Journalists and a business writer for the Denver Post.
However, "people have to realise that these are not issues that just journalists have to concern themselves with", Tatum said. Pretexting is a very common practice, and it's troubling to think that companies could use these techniques against disgruntled customers or debtors, she said.
CNET News.com's Tom Krazit contributed to this report.
Did you find this article useful?
179 out of 245 people found this useful
- Share this article:
Full Talkback thread
3 comments
