o Risk Management reports ("positions") caught outbound, including DRMS
(Derivatives) going to someone who started working for Merrill Lynch

o Risk Management reports inbound: Phibro positions [Salomon subsidiary]

o Internal product documentation and trading desk procedures outbound

o Many hostname/username/password transmissions for Salomon's internal systems

o Many Sybase database passwords, including SA passwords

o People working on their own businesses while within Salomon

o Someone soliciting people for porno videos from Salomon

o Phibro Chart of Accounts and internal accounting procedures

o Year-end summary of lawsuits filed against subsidiary Basis Petroleum

o Pirating of third-party copyright programs

o Other firms' IUO (Internal Use Only) inbound

o Our detailed systems inventory

o Determined what PGP (encrypted) traffic was occurring. Among others, we had
constant small traffic back-and-forth with Military contractor Rockwell.

o Salomon's Official Restricted List being repeatedly transmitted outbound
(list of securities Salomon can't purchase without a conflict of interest)

o Unreleased Financing Summaries and unreleased IPO's: SEC violations

o Internal Use Only documents

o Trade confirmations

o JobTalk hits concerning internal budget details by an SOO.

o JobTalk hit of a resume of a risk management person who wanted to
"explain how it works" here

o Hundreds of router (security) configurations

o 42,000 lines of OASYS data

o router and bridge passwords

o Hostname/username/password for unmonitored outbound ISDN access from Salomon

o RadioMail: spotted that all the big cheeses who use it have all their highly
sensitive email going out over the unprotected Internet, because we were too
ch