Exclusive: New York Times Moscow Hack Compromised Paper’s Emails

Posted by

Recently reported Russian hacks, including phishing emails, that successfully captured the passwords of hundreds of US journalists, included one that targeted the New York Times Moscow bureau during the 2016 election period. The AP reported recently that at least 200 Western journalists, including at least 50 at the New York Times, were hacked by Russia since 2014, with attacks continuing to the present day.

Patribotics sources specify that hacks starting for 2014 during the Sochi Olympics were unrelated, but had a similar objective. By contrast, the hack on the Moscow bureau of the Times was intended specifically to gather kompromat on journalists to force favorable coverage in the matter of the US election of Donald Trump, these sources said.

Patribotics is grateful for the support of our readers, which makes our journalism possible. Your support will help us to break more stories on Trump and Russia in 2018. Please consider a donation here.

Sources stated that the penetration of the small Moscow Bureau of the Times allowed hackers working for Russian intelligence services access to valuable digital intelligence on the New York Times’ communication network systems in the United States, including credentials. The Times has been a particular target, these sources said, because of its status as ‘the paper of record’ in the United States and particularly because of its liberal readership.

The Moscow Bureau of the Times was attacked, it was reported last August. At the time, the paper denied that any of its systems had been compromised.

One source of this site laughed aloud when we raised the Times’ statement that they had found no evidence the paper’s systems were penetrated. The paper only admitted to being “targeted” by hackers.

‘APT28 wasn’t able to get into the Times’ emails?’ this source said. ‘Look, if a nation state APT puts you in its sights, eventually they’ll get you. APT28 easily has the capability to pull it off. Ask the DNC.’

“APT” is an abbreviation for Advanced Persistent Threat, a designation reserved for the most advanced cyber threat actors in the world– usually groups backed by nation-states. The state of Russia is known to run several APTs in different areas of their security apparatus, teams that often compete internally with each other.


The Times fired its Public Editor, Liz Spayd, who reported that the New York Times knew of FISA warrants sought in the Trump-Russia campaign when this reporter broke that story at Heat Street, but failed to report them.


The Times dismayed its readership base with a number of stories, during the election and subsequently, that seemed plainly to misstate the facts or praise Donald Trump. In other cases, the Times failed to levy criticism of white nationalists.

The Times most recently published a story detailing how George Papadopolous confided to an Australian diplomat in London that the Russians had hacked Secretary Clinton; this story ran with the factually false headline “How the Russia Inquiry Began”. (The BBC’s Paul Wood had already reported, nearly a year earlier, that a six-agency task force including the FBI was started in April 2016; James Comey testified that Russian attempts to interfere in the US election process were known to him from 2015 onwards).


The AP story cited a specific APT, APT28, which it called “Iron Twilight”, that it said was identified by the national security firm Secureworks as involved in phishing emails from politicians and journalists. The USIC has identified several APTs involved in the attacks as contractors working for the FSB rather than agents directly employed by the agencies, sources said. This method attempts to give the Russian state a measure of deniability, sources said. However, American agencies have firmly identified contractor work as having been sourced, paid for and ordered by the highest echelons of the Russian state.

The New York Times, in reporting the attack on their Moscow office, only headlined their story that they had been “targeted”. The paper said last August:

We are constantly monitoring our systems with the latest available intelligence and tools,” said Eileen Murphy, a spokeswoman for The Times. “We have seen no evidence that any of our internal systems, including our systems in the Moscow bureau, have been breached or compromised.”

The New York Times may, however, only have examined the Moscow bureau and not have looked into the main New York Times systems in the United States thinking the attack was contained to local systems, sources speculated.

So far, the New York Times has failed to correct or rescind its errors in its Trump Russia coverage, including the story that possibly swayed the election result, “Investigating Donald Trump, FBI Sees No Clear Link to Russia”.



  1. Brilliant piece. We’ve all been wondering about what level of compromise The NY Times might be operating under, based on recent pieces and the heinous article you site from before the election. Thanks for being on the front lines of this, Louise. We badly need you there.

  2. Thank You Patribiotic! WE appreciate all of your work. I would like to donate but do not and can not contribute through PayPal. Please suggest another processor. Happy New Year!

  3. I remember that NYTimes article claiming the FBI “sees no links” with russia and trump campaign. I believed the article was a disgrace at the time, and a permenant stain on NYTimes reputation for fact based reporting.

    The mountains of evidence that have since disproved the arrogant headline only confirms my opinion about the article.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.