Feeds

HP's CEO: 'I'm so sorry' that this got out

Dunny flushed

Choosing a cloud hosting partner with confidence

Patricia Dunn has not survived the HP spy scandal – a turn of events that everyone except HP saw as inevitable long ago. Dunn today resigned from HP's board, elevating CEO Mark Hurd to the Chairman role.

Hurd announced the executive shifts during a tense press conference at HP's headquarters in Palo Alto. Voice trembling at times and with nervous ticks, Hurd confessed to most of the gritty spy scandal details that have leaked out in various media reports. He also admitted to being involved in portions of HP's investigation and to not doing everything he should have to oversee the affair.

"This is a complicated situation, and the more I look into it, the more complicated it becomes," Hurd said. "I cannot guarantee that we will ever be able to obtain all of the information regarding this investigation."

"I take (investigating this situation) very seriously, and I am committed to getting to the bottom of this."

Hurd and hired gun Mark Holston, from law firm Morgan Lewis, provided a fairly detailed account of HP's boardroom investigation that has been ongoing since "early 2005." Concerned over leaks to the media, HP hired a security firm to probe its own board members, employees, reporters and reporters' family members. But then you knew that already.

Hurd confidently proclaimed that he personally hired Morgan Lewis to investigate the spy operation on Sept. 8, and the law firm now directly reports to Hurd.

Morgan Lewis has turned up evidence of a two-phased leak probe dubbed Kona I and Kona II.

Under Kona I, HP Chairman Patricia Dunn hired outside firm Security Outsourcing Solutions – don't let the SOS irony escape you. SOS with help from Dunn started digging into reporters at BusinessWeek, the Wall Street Journal, and the New York Times. After two months, SOS then teamed with HP Global Security on the investigation, and reported on its findings at a July 22, 2005 meeting.

Hurd, along with other HP employees, attended that meeting.

Kona I finished off in the "late summer of 2005 without uncovering the source of the leaks," Holston said.

Then, in January of 2006, Kona II fired up. HP's senior counsel Kevin Hunsaker led this investigation, which was triggered after a Jan. 23 CNET story. The probe continued for three months with regular updates making their way to Dunn and others.

Hunsaker, SOS and SOS's outside counsel assured HP that all tactics used in Kona II were legal, according to Holston.

Shot of HP CEO Mark Hurd at press conference

The spy mechanisms, however, quite clearly were on the fuzzy side of the law. HP's investigators fraudulently obtained phone records by using peoples' Social Security Numbers, sent a tracking email to a reporter and used surveillance to follow a number of individuals.

All told, these techniques have left HP in a precarious position where employees will need to testify before a Congressional committee next week. In addition, the California Attorney General's office and the SEC are investigating the company.

Instead of confessing all in one go, HP has allowed story after story to appear in various papers over the past two weeks. This has resulted in a leak scandal far worse than the original, innocuous leaks HP was investigating.

At present, most people want to know exactly what Hurd knew and when, since he's actually received a promotion as a result of this affair.

Here's a recap of what Hurd confessed during today's press conference.

"In, I believe, Februarys 2006, I was informed by the investigation team that they intended to send an email containing false information in an effort to identify the source of the leaks. I was asked to and did approve the naming convention that was used in the content of that email. I do not recall seeing nor do I recall approving the use of tracer technology."

"In March 2006, I attended a meeting at which a verbal summary of the second phase of the investigation was provided. Specifically, that the investigative team had indentified the source of the leaks. I understand there was also a written report of the investigation addressed to me and others but I did not read it. I could have, and I should have."

Um, yes.

Beyond these revelations, Hurd offered a couple of concessions.

"I will say that some of the findings Morgan Lewis has uncovered are very disturbing to me.

"On behalf of HP, I extend my sincere apologies to those journalists who were investigated and everyone who was impacted." ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.