Source: http://www.popsci.com/technology/article/2013-01/new-york-times-targeted-chinese-hackers
The attacks consisted of hacking into the email accounts of 53 Times employees, and the information accessed was apparently limited to information related to the Wen Jiabao story. The Times stresses that no customer information (credit cards, that kind of thing) was accessed.
An outside firm hired by the Times found that the technique used to gain this access was consistent with other attacks from China: a method called "spearphishing," an essentially simple way to gain access that involves sending malicious links that, when opened, install malware on the victim's computer. The emails were routed through American universities--also a Chinese hacker trademark--to disguise their origin. The Times has taken several steps to protect itself in the future, including changing every employee password, removing "every back door into its network," and adding more security. Read more here.