In an effort to track down the source of information leaks by Hewlett-Packard Co. insiders, private investigators working for the company obtained reporters' telephone records without permission, the company told MSNBC.com on Thursday.
The reporters' records were accessed as part of a private investigation into news leaks that was initiated by company Chairwoman Patricia Dunn.
The investigators got the records by impersonating journalists from the Wall Street Journal, CNET.com and other news organizations in a practice known as “pretexting,” the company said.
HP spokesman Michael Moeller said that "there are other journalists" whose records were improperly accessed, but would not say how many others were involved.
"HP is absolutely dismayed that the records of journalists were accessed without their knowledge," he said. "We are completely and fully cooperating with the state attorney general's investigation into HP and this incident."
Earlier Thursday, CNET.com and the Wall Street Journal published stories indicating their reporters had been contacted by the California Attorney General's Office and told their telephone records had been accessed by unauthorized individuals connected to the company.
"CNET Networks takes this situation most seriously," spokeswoman Sarah Cain said. "These actions not only violated the privacy rights of our employee, but also the rights of all reporters to protect their confidential sources."
Robert Christie, spokesman for Dow Jones, which owns the Wall Street Journal, said the newspaper would not comment on its story.
A spokesman for the California Attorney General's Office, Tom Dresslar, said he couldn't comment on ongoing investigations. Dresslar also declined to comment on Moeller's assertion that other reporters may have been targeted.
In its story, CNET said it was told by an investigator at the attorney general's office that HP had provided a "partial list of reporters names whose phone records may have been compromised." Cain said she didn't know how many reporters were on that list.
News of boardroom intrigue at HP broke earlier this week in Newsweek with a story that detailed a messy spying episode inside the company. Newsweek reported that Dunn had ordered an investigation of other members of the company's Board of Directors in an effort to find out who was giving information anonymously to reporters.
The Newsweek story indicated that the investigation was initiated by Dunn, who was irked by a story published in January by CNET reporter Dawn Kawamoto that provided details of a board-members-only meeting.
The investigation was thorough. Kawamoto's home telephone records were obtained, even though her phone is in her husband's name, CNET reported.
But the pattern of obtaining reporters' records may stretch further back. The Wall Street Journal reported on Thursday that reporter Pui-Wing Tam had been contacted by the California Attorney General's Office with information suggesting she may have been the target of pretexting.
Tam, the newspaper indicated, broke an important story about former CEO Carly Fiorina and her disagreements with board members. Fiorina resigned from HP in early 2005.
Moeller refused to say what period of time the pretexting activity covered.
"We're not giving out any more information at this time," he said.
In a filing with the Securities and Exchange Commission on Wednesday, HP acknowledged that its agents used pretexting to obtain board members' personal telephone records. Pretexting involves hacking into a consumers' telephone records by impersonating the consumer, and tricking customer service representatives or Web sites into divulging the personal information.
Thursday's developments indicate that the pretexting extended outside the board room. Journalists' telephone records would readily indicate which board members were communicating with reporters.
After a blogger purchased Gen. Wesley Clark's phone records last year from a pretexter, a media firestorm ensued, and Congressional hearings were held examining the practice.
Pretexting runs afoul of federal law — specifically, the Federal Trade Commission Act, which bans deceptive trade practices.
Late Thursday, California Attorney General Bill Lockyer told the Associated Press that the HP investigation violated two California state laws: California's identity theft statutes, which make it illegal to use someone else's personal information to commit a crime, and the state's computer crime laws, which make unauthorized access to databases illegal.
“The question was, was a crime committed? The answer is yes. Does that mean charges will result? Well, we haven’t completed the investigation so we’re not yet certain as to who committed the crime,” Lockyer said. "“It’s likely if evidence continues to come in the way it has that there will be a prosecution,” he said. “But we’re not ready to go file a complaint. We’re still investigating.”