FAQ: The HP boardroom leak scandal
Who's involved, what happened and what it means
Computerworld - I've been avoiding this thing. You've got one sentence. Fill me in. Officials at Hewlett-Packard Co. launched an investigation to track some leaks coming from the board of directors, and some of the methods used were ethically questionable (see HP business ethics), if not positively illegal; a lot of agencies are investigating, and HP investors are getting a bit jittery.
What was being leaked? Who and why? The source of the leak was board member George Keyworth, who was speaking to various tech-industry publications, providing at least one with information on the goings-on at a closed board meeting. Keyworth admitted to the leaks in May and stepped down on Sept. 12 -- one day after Patricia Dunn first announced her resignation as chairman in January 2007. (On Septemeber 22, Dunn advanced her departure schedule from "January" to "immediately.") Keyworth says that he believes his statements were in the best interests of the company and that no confidential or damaging information was disclosed in his "leaky" conversations with the press.
How many people sit on the HP board of directors? The HP biography page for its board of directors currently lists eight.
Did HP break the law? There are plenty of investigators and lawyers figuring that out, but based on what we know now, it's possible that the company did not directly break the law. The outside firm retained by HP is on shakier ground, since they may have hired a subcontractor that did, in fact, break the law.
What did that subcontractor do?It obtained phone call records by pretexting -- calling the phone company and claiming to be the people whose records it was after, using personal data to bolster their claims. The people targeted included HP board members and staff as well as nine journalists and their spouses. (Not the best tactic for keeping an embarrassing story out of the papers, by the way.)
Some legal observers feel that HP may just make new law on this -- providing a high-profile case that'll light a fire under legislators to crack down on the practice.
Did HP's legal department know this was happening? Yes. Reports have stated that HP senior counsel Kevin Hunsaker planned an attack on at least one reporter and presented the details to Dunn in a PowerPoint presentation. (That attack involved placing a tracking bug in an e-mail on the reporter's computer; Hunsaker has not yet been linked to pretexting efforts.)
So one of those journalists found out and wrote about it? Not quite. The investigation was revealed earlier this month in an SEC filing in which HP acknowledged hiring an outside investigator to run down leaks dating from 2005.
- PCI 3.0 Compliance In this white paper, learn how PCI-DSS 3.0 effects how you deploy and maintain PCI compliant networks using CradlePoint devices.
- Defense throughout the Vulnerability Life Cycle with Alert Logic Threat and Log Manager New security threats are emerging all the time, from new forms of malware and web application exploits that target code vulnerabilities to attacks...
- QA Automation: Reducing Test Execution While Improving Coverage A leading capital investment firm in the US was in need of a comprehensive, cost effective and flexible solution to reduce their existing...
- Protect your brand with Alert Logic PCI DSS compliance solutions Alert logic's cloud-powered solutions help organizations that process, store or transmit credit card data eliminate the burden of PCI compliance. This product brief...
- Expert Panel: Enterprise Mobility and Data Loss Prevention When it comes to enterprise mobility, it's not just about devices, it's about the way people work. Hear this expert panel discuss the...
- Princess Cruises collaborates across the globe in the IBM cloud Norm Ayers, Director of Emergency Response and Social Projects at Princess Cruises explains how IBM and Cloud helped the company rapidly scale its... All Management White Papers | Webcasts