Security News > 2024 > June > New York Times warns freelancers of GitHub repo data breach
![New York Times warns freelancers of GitHub repo data breach](/static/build/img/news/new-york-times-warns-freelancers-of-github-repo-data-breach-medium.jpg)
The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024.
"The New York Times recently communicated to some of our contributors regarding an incident that resulted in the exposure of some of their personal information," a Times spokesperson told BleepingComputer.
As BleepingComputer reported over the weekend, a 273GB torrent file containing The New York Times' stolen data was leaked on the 4chan message board on Thursday.
"Around June 6, 2024, a post on another third-party site made this data publicly available, including a file that contained some of your personal information," the Times confirmed in data breach notification letters sent to affected contributors.
The Times advises anyone affected by this data breach to be cautious of unexpected emails, phone calls, or messages requesting personal information like usernames, passwords, and date of birth which could be used to gain access to their accounts without permission.
New York Times source code stolen using exposed GitHub token.
News URL
Related news
- UK confirms Ministry of Defence payroll data exposed in data breach (source)
- Dell warns of data breach, 49 million customers allegedly affected (source)
- Dell API abused to steal 49 million customer records in data breach (source)
- Largest non-bank lender in Australia warns of a data breach (source)
- Helsinki suffers data breach after hackers exploit unpatched flaw (source)
- Banco Santander warns of a data breach exposing customer info (source)
- Nissan North America data breach impacts over 53,000 employees (source)
- MediSecure e-script firm hit by ‘large-scale’ ransomware data breach (source)
- WebTPA data breach impacts 2.4 million insurance policyholders (source)
- SEC: Financial orgs have 30 days to send data breach notifications (source)