For nearly a decade, hackers enjoyed widespread access to the corporate computer network of Nortel Networks Ltd. , a once-giant telecommunications firm now fallen on hard times.

Using seven passwords stolen from top Nortel executives, including the chief executive, the hackers—who appeared to be working in China—penetrated Nortel's computers at least as far back as 2000 and over the years downloaded technical papers, research-and-development reports, business plans, employee emails and other documents, according to Brian Shields, a former 19-year Nortel veteran who led an internal investigation.

The hackers also hid spying software so deeply within some employees' computers that it took investigators years to realize the pervasiveness of the problem, according to Mr. Shields and Nortel documents reviewed by The Wall Street Journal. They "had access to everything," Mr. Shields said of the hackers. "They had plenty of time. All they had to do was figure out what they wanted."

According to an internal report, Nortel "did nothing from a security standpoint" to keep out the hackers, other than resetting the seven passwords.

Nortel's breach offers a rare level of detail about a type of international corporate espionage that is of growing concern to U.S. officials. A U.S. intelligence report released in November concluded that hackers operating from China—both government-affiliated and private-sector—are the world's most "active and persistent" perpetrators of industrial spying. The report cited a number of Chinese attacks, including one targeting Google ; the theft of data from global energy companies; and theft of proprietary data such as client lists and acquisition plans at other companies.