A hacktivist group claimed responsibility Wednesday for an e-mail snafu at the New York Times earlier that day in which the company sent an e-mail meant for 300 people to more than 8 million.
DestructiveSecurity (aka DestructiveSec), a hacktivist group that has worked with the Anonymous collective in the past, Tweeted the following on Wednesday evening: New York Times Hacked - We gained access 'shortly' to there [sic] email server.
The claim could not be verified, but the Times has gone back on its initial claim that the company had fallen victim to spamming, putting the Gray Lady's account of what took place at odds with that of DestructiveSec.
DestructiveSec went on to explain via Twitter that We hacked their email server & they're the Corporate media, spreading lies & hate in response to Anonymous-affiliated Twitter users who were concerned that the group was attempting to censor free speech, adding in a later Tweet that we're taking down any media that is related to a Corp.
The group asserted further in another Tweet that I had the email server which runs the newsletter, that's how I was spamming lol.
The claim of responsibility went out from the group's Twitter account several hours after the New York Times stated that an internal error caused an e-mail to go out to millions of NYT.com users asking them to renew subscriptions the vast majority of them either never had or never canceled.
After initially stating that the e-mails were sent because the Times had fallen victim to hackers or a spam attack, the paper changed its tune later in the day and stated that the e-mail was sent out in error:
The email was sent by the NYT, Times Co. spokeswoman Eileen Murphy stated. We regret that the error was made, but no one's security has been compromised.
If DestructiveSec is actually behind the erroneous e-mails, then it looks like the Times itself may be the party whose security really was compromised. And it looks like more may be on the way as part of #OPFireSail, a hacktivist operation aimed at corporate-backed mainstream media outlets.
And DestructiveSec Tweeted out Wednesday morning that we're...HiJacking Twitter accounts #ExpectUs in 12 hours.
Looks like there may be much more to come from the group.