Cyber Incident Victim: New York Times

Date: Jan 2017

Location: United States of America

Summary

The New York Times experienced a compromise of its Twitter video account by the OurMine hacker group, which posted unauthorized content including fabricated claims of a Russian missile attack against the United States. The organization promptly removed the false statements and confirmed the unauthorized access, initiating an investigation while the attackers asserted their actions were intended to test account security. This incident aligns with OurMine's pattern of targeting high-profile accounts to promote their services and highlight security vulnerabilities.

Description

On January 22, 2017, at approximately 9:40 AM Eastern Time, the Twitter account for New York Times Video (@nytvideo) was compromised by the hacker group OurMine. The attackers posted a fabricated news alert claiming Russia had launched a missile attack against the United States, attributing the action to a "leaked statement" from Russian President Vladimir Putin. This unauthorized tweet was rapidly deleted by the New York Times, though screenshots and reports confirmed its brief publication. OurMine subsequently claimed responsibility for the breach through additional tweets on the compromised account, stating they had "detected unusual activity" and "re-hacked" the account to verify its security status. The group also referenced their prior compromise of Sony Music’s Twitter account in December 2016, where they had disseminated a hoax about singer Britney Spears’ death.

The New York Times responded by deleting all unauthorized tweets from the @nytvideo account and publicly acknowledged the breach via a tweet confirming an investigation into the incident. No further details regarding the intrusion method or additional compromised systems were disclosed by the Times. OurMine’s actions aligned with their established pattern of targeting high-profile social media accounts to promote their self-described security testing services, though their activities typically involved cybervandalism rather than data theft. The incident temporarily disrupted the @nytvideo account’s operations but did not result in prolonged service outages or corroborated data leaks. The Times restored control of the account following the removal of the unauthorized content, with no subsequent reports of recurring breaches tied to this event.
