New York Times breached because of exposed GitHub Token

The New York Times suffered a significant data breach, with 273GB of internal source code and data leaked on 4chan. An exposed GitHub token allowed unauthorized access to the company’s repositories, leading to the theft.

The threat actor shared a text file containing a complete list of the 6,223 folders stolen from the company’s GitHub repository. The folder names indicated a wide variety of information stolen, including IT documentation, infrastructure tools, and source code.