On Saturday, Intentia alleged that Reuters had accessed its computers without authorisation. In a company announcement they openly accused the news agency of "breaking in to" its systems.
Reuters did not deny that it had downloaded and reported on Intentia's third quarter profit results prior to their scheduled release, but have made claims that place serious doubt on the legitimacy of Intentia's accusations. Reuters have said that the profit results it was accused of stealing were made available to anyone that typed in the correct URL, or address, into a Web browser, and were therefore already public.
Reuters said it was able to guess the address of the information because it followed a similar naming convention to previously released document addresses.
Intentia spokesperson Thomas Ahlerup conceded that "...the report was stored on the same Web server as our public Web site." but said that it was in what he termed a "private area."
However, Ahlerup would not confirm that the profit reports were accessed this easily. "Since we have filed a criminal report, it is a part of the evidence and I cannot comment." he said.
When asked if he thought the authentication on the company's reports was sufficient he said that the "...level of authentication from our side has been working for 25 consecutive quarters."
"We have looked through the way we are publishing on our Web site and that will change ...it will be more secure." he added.
Reuters company spokesperson Susan Allsop said that the authorities, despite Intentia filing an official charge with the police and reporting the incident to the Stockholm stock exchange, have not yet contacted the news agency. As far as Reuters is concerned, it had merely downloaded information that was available to everyone.
"There was no leak or hack. Once the information is on the Web site it's in the public domain, and we are a news organisation," she said.
If the information was obtained in this way, then Intentia will have a hard time proving that Reuters acted illegally.
Peter Moon, IT Special Counsel for Abbott Stillman and Wilson lawyers in Melbourne, said that "If people release information, they can't complain that it has been released. The science of securing information is well known. If people don't care to take advantage of it, they put themselves at risk."
Just do a search on the net for back doors to porn sites.
You will quickly realise that a lot of sites (porn and otherwise) have poor security that can be bypassed if you do guess the correct URL.
Is this hacking? I think not. A truly secure system would still ask for credentials even if you did type in the correct URL.