Employees admitted to using stolen passwords and URL guessing to access confidential data.
http://www.wired.com/