Here’s an admission against interest in the eighth paragraph:
Security experts found evidence that the hackers stole the corporate passwords for every Times employee and used those to gain access to the personal computers of 53 employees, most of them outside The Times’s newsroom.
How were the passwords for every employee available for the taking? Let me guess, they were unencrypted. A law would have fixed that no doubt.