Feeds

HP's CEO: 'I'm so sorry' that this got out

Dunny flushed

Application security programs and practises

Patricia Dunn has not survived the HP spy scandal – a turn of events that everyone except HP saw as inevitable long ago. Dunn today resigned from HP's board, elevating CEO Mark Hurd to the Chairman role.

Hurd announced the executive shifts during a tense press conference at HP's headquarters in Palo Alto. Voice trembling at times and with nervous ticks, Hurd confessed to most of the gritty spy scandal details that have leaked out in various media reports. He also admitted to being involved in portions of HP's investigation and to not doing everything he should have to oversee the affair.

"This is a complicated situation, and the more I look into it, the more complicated it becomes," Hurd said. "I cannot guarantee that we will ever be able to obtain all of the information regarding this investigation."

"I take (investigating this situation) very seriously, and I am committed to getting to the bottom of this."

Hurd and hired gun Mark Holston, from law firm Morgan Lewis, provided a fairly detailed account of HP's boardroom investigation that has been ongoing since "early 2005." Concerned over leaks to the media, HP hired a security firm to probe its own board members, employees, reporters and reporters' family members. But then you knew that already.

Hurd confidently proclaimed that he personally hired Morgan Lewis to investigate the spy operation on Sept. 8, and the law firm now directly reports to Hurd.

Morgan Lewis has turned up evidence of a two-phased leak probe dubbed Kona I and Kona II.

Under Kona I, HP Chairman Patricia Dunn hired outside firm Security Outsourcing Solutions – don't let the SOS irony escape you. SOS with help from Dunn started digging into reporters at BusinessWeek, the Wall Street Journal, and the New York Times. After two months, SOS then teamed with HP Global Security on the investigation, and reported on its findings at a July 22, 2005 meeting.

Hurd, along with other HP employees, attended that meeting.

Kona I finished off in the "late summer of 2005 without uncovering the source of the leaks," Holston said.

Then, in January of 2006, Kona II fired up. HP's senior counsel Kevin Hunsaker led this investigation, which was triggered after a Jan. 23 CNET story. The probe continued for three months with regular updates making their way to Dunn and others.

Hunsaker, SOS and SOS's outside counsel assured HP that all tactics used in Kona II were legal, according to Holston.

Shot of HP CEO Mark Hurd at press conference

The spy mechanisms, however, quite clearly were on the fuzzy side of the law. HP's investigators fraudulently obtained phone records by using peoples' Social Security Numbers, sent a tracking email to a reporter and used surveillance to follow a number of individuals.

All told, these techniques have left HP in a precarious position where employees will need to testify before a Congressional committee next week. In addition, the California Attorney General's office and the SEC are investigating the company.

Instead of confessing all in one go, HP has allowed story after story to appear in various papers over the past two weeks. This has resulted in a leak scandal far worse than the original, innocuous leaks HP was investigating.

At present, most people want to know exactly what Hurd knew and when, since he's actually received a promotion as a result of this affair.

Here's a recap of what Hurd confessed during today's press conference.

"In, I believe, Februarys 2006, I was informed by the investigation team that they intended to send an email containing false information in an effort to identify the source of the leaks. I was asked to and did approve the naming convention that was used in the content of that email. I do not recall seeing nor do I recall approving the use of tracer technology."

"In March 2006, I attended a meeting at which a verbal summary of the second phase of the investigation was provided. Specifically, that the investigative team had indentified the source of the leaks. I understand there was also a written report of the investigation addressed to me and others but I did not read it. I could have, and I should have."

Um, yes.

Beyond these revelations, Hurd offered a couple of concessions.

"I will say that some of the findings Morgan Lewis has uncovered are very disturbing to me.

"On behalf of HP, I extend my sincere apologies to those journalists who were investigated and everyone who was impacted." ®

Application security programs and practises

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Airbus promises Wi-Fi – yay – and 3D movies (meh) in new A330
If the person in front reclines their seat, this could get interesting
UK Parliament rubber-stamps EMERGENCY data grab 'n' keep bill
Just 49 MPs oppose Drip's rushed timetable
Want to beat Verizon's slow Netflix? Get a VPN
Exec finds stream speed climbs when smuggled out
Samsung threatens to cut ties with supplier over child labour allegations
Vows to uphold 'zero tolerance' policy on underage workers
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.