SecurityFocus 2006-09-12
Hewlett-Packard announced on Tuesday that Chairwoman Patricia Dunn would step down early next year to be replaced by CEO Mark Hurd, amidst calls by critics for her resignation and increasing scrutiny of the tactics used by investigators to track down a media leak on the board.
Dunn will resign as chairwoman after the company's January 18 board meeting, but will remain on the board as a director, the company said in a release. In a second statement, Dr. George A. Keyworth II, the board member fingered by the investigation as the source of the leaks, announced his resignation from the board.
In comments included in the official releases, the chairwoman disavowed any knowledge of the type of techniques that the investigators she hired would use to track down a member of the board who had leaked confidential discussions to the media.
"These leaks had the potential to affect not only the stock price of HP but also that of other publicly traded companies," Dunn said in the statement provided by HP. "Unfortunately, the investigation, which was conducted by third parties, included certain inappropriate techniques. These went beyond what we understood them to be, and I apologize that they were employed."
Dunn's pending resignation is the latest fallout from a brewing controversy over the techniques used by third-party investigators to obtain the personal phone records of HP directors and the nine reporters who may have received information about confidential board discussions. Investigators hired by the company's chairwoman to find the leak employed pretexters to gain access to the records.
In the past, the act of pretexting used deception and subterfuge to convince a victim to turn over information useful to a private investigator. In the computer security world, the technique is frequently called social engineering. Yet in the information age, pretexting that gains access to another company's computer system without authorization is punishable under the Computer Fraud and Abuse Act of 1986 at the federal level and various other cybercrime statutes at the state level, said James Aquilina, a former federal cybercrime prosecutor running the Los Angeles office of Stroz Friedberg LLC, a national computer forensics and cyber-consulting firm.
"Characterizing the practice of pretexting as falling within some 'gray area' perhaps ignores the basic fact that its success depends upon the use of falsity and deception," Aquilina said. "That, coupled with unauthorized access, and evidence of certain damages suffered by the hacked telecom provider or its customer, likely brings the practice within reach of the (Computer Fraud and Abuse) Act, and at a minimum, California's penal code."
As the controversy enters its second week, Hewlett-Packard faces a prolonged investigative siege touched off by the chairwoman's resolve to find the leak. Investigations into the technology giant's conduct have been opened by no fewer than five agencies: the Office of Attorney General for the State of California, the U.S. Department of Justice, the Federal Communications Commission, the Securities and Exchange Commission and the House of Representatives' Committee on Energy and Commerce.
For the Attorney General for the State of California, Bill Lockyer, the question is not whether the information was obtained in violation of computer-crime statutes, but who is to blame for the acts.
"The Attorney General has already said that crimes have been committed," said Thomas Dresslar, spokesperson for the California Attorney General's Office. "We are interviewing people. We are obtaining documents. We are doing our own thing."
The attorney general intends to charge the private investigators with violations of the state's cybercrime statutes, Dresslar said.
