More insecurity at The New York Times. Glad I already unsubscribed. As mentioned here earlier, NYTimes.com does not protect the user's data it has. It doesn't even protect it's employees and sources data. As I have said before: front end insecurity (i.e. XSS vulnerablities) can foretell more insecurities throughout the organization. If a company doesn't keep up-to-date on security measures currently available, it can't be trusted with your data.