To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://www.silicon.com/cxoextra/0,3800005416,39162207,00.htm

Reporters' phone records hacked in HP probe
Controversial technique used in hunt for boardroom snitch...

By Jim Kerstetter

Published: Friday 08 September 2006

A contractor hired by HP to uncover the source of boardroom leaks to the media has accessed the personal telephone records of two reporters involved in covering the story, according to the California attorney general's office.

The investigation conducted by a company hired by HP used a controversial technique called "pretexting" to obtain the personal phone records of silicon.com sister site CNET News.com reporters Dawn Kawamoto and Tom Krazit, state prosecutors said. Pretexting is a sometimes-illegal method of obtaining personal records through misrepresentation of someone's identity.

Kawamoto and Krazit co-wrote a 23 January article outlining a private, long-term strategy session held by HP's board of directors. The article, which quoted an unnamed source at length, prompted HP chairman Patricia Dunn to authorise an investigation into HP's board to determine the identity of the story's source.

Kawamoto and Krazit were apparently not the only reporters targeted by HP's investigators. The personal phone records of nine journalists, including a reporter from The Wall Street Journal, were accessed, according to an HP spokesman speaking late on Thursday afternoon. He declined to comment on the timeframe over which the incidents took place or any of the organisations other than the WSJ and CNET News.com.

The WSJ reported on its website that reporter Pui-Wing Tam was targeted. Among other HP stories, Tam wrote in January 2005 about the board's unhappiness with ex-CEO Carly Fiorina.

The California attorney general's office on Tuesday first alerted reporters at CNET News.com and possibly elsewhere that their private phone records may have been accessed. On Wednesday night, attorneys for HP supplied to the attorney general's office a partial list of reporters' names whose phone records may have been compromised, a prosecutor said.

On Thursday, an investigator with the attorney general's office contacted Kawamoto and said AT&T confirmed her records had, indeed, been accessed. Kawamoto said she never authorised her home phone records to be shared with anyone, and she noted her home phone number is under her husband's name, not her own. Krazit was notified later on Thursday that a similar breach had occurred with his cellular phone account.

The attorney general's office said HP's attorney is asking for permission to contact reporters whose records were apparently accessed.

The HP spokesman said: "HP is dismayed that the phone records of journalists were accessed without their knowledge and we are fully co-operating with the attorney general in his investigation."

In a filing on Wednesday with the Securities and Exchange Commission, HP acknowledged that the pretexting technique was used to obtain the personal records of board member Tom Perkins.

The SEC filing also said that in conjunction with the leak investigation, long-time board member George Keyworth will not be nominated to another term on the board. At a board meeting in May, Dunn presented the results of the investigation and revealed that Keyworth was the source of the leaks, which he acknowledged, according to the filing. Keyworth was asked by the board to resign at that meeting but refused, leading to the board's decision.

The filing made no mention of reporters' personal records.

AT&T confirmed to Perkins that someone had used two different Yahoo! email addresses to gain entry to his records, according to documents made public on Wednesday. The person who gained access to Perkins' records created an online account with Perkins' telephone number and the last four digits of his Social Security number. It's unclear how they obtained his Social Security number.

Whoever gained access to the records looked only at Perkins' bill for January, the month the CNET News.com article which angered Dunn was published. Perkins resigned from the HP board in May to protest at the internal investigation and the way it was handled.

Perkins wrote in a letter to the board of directors: "I resigned solely to protest the questionable ethics and the dubious legality of the chairman's methods."

In Kawamoto's case, AT&T said that on 30 January someone used the last four digits of her husband's Social Security number to establish an online account, and provided the email address red@yahoo.com.

AT&T general attorney Travis Dodd wrote in an email to the attorney general's office: "As was the case with the Perkins account, the IP address associated with the browser of the person who established the account was 68.99.17.80. As was also the case with the Perkins account, this appears to have been the only date of access to the account."

Details regarding Krazit's phone records were not immediately available.

Given the recent increase in the federal government's attempts to discover the identity of confidential sources, it's not all that shocking that corporations would feel "empowered" to try the same kind of techniques, said Christine Tatum, president of the Society of Professional Journalists and a business writer for the Denver Post.

However, Tatum said, "people have to realise that these are not issues that just journalists have to concern themselves with". Pretexting is a very common practice, and it's troubling to think companies could employ these techniques against disgruntled customers or debtors, she said.

CNET News.com's Tom Krazit contributed to this report

Jim Kerstetter writes for CNET News.com