Security

Security news coverage encompasses investigative cybersecurity reporting and analysis on the latest security breaches, hacks and cyberattacks around the globe.

About half a million patients have been notified so far, but the number of affected individuals is likely far higher.

US pharma giant Cencora says Americans’ health information stolen in data breach

On the heels of raising $102 million earlier this year, Bugcrowd is making good on its promise to use some of that funding to make acquisitions to strengthen its security…

Bugcrowd, the crowdsourced white-hat hacker platform, acquires Informer to ramp up its security chops

Featured Article

Spyware found on US hotel check-in computers

Several hotel check-in computers are running a remote access app, which is leaking screenshots of guest information to the internet.

11:05 am PDT • May 22, 2024
Spyware found on US hotel check-in computers

A dodgy email containing a link that looks “legit” but is actually malicious remains one of the most dangerous, yet successful, tricks in a cybercriminal’s handbook. Now, an AI startup…

Bolster, creator of the CheckPhish phishing tracker, raises $14M led by Microsoft’s M12

U.S. cell carrier Patriot Mobile experienced a data breach that included subscribers’ personal information, including full names, email addresses, home ZIP codes and account PINs, TechCrunch has learned. Patriot Mobile,…

Conservative cell carrier Patriot Mobile hit by data breach

CyberArk — one of the army of larger security companies founded out of Israel — is acquiring Venafi, a specialist in machine identity, for $1.54 billion. 

CyberArk snaps up Venafi for $1.54B to ramp up in machine-to-machine security

Featured Article

Two Santa Cruz students uncover security bug that let anyone do their laundry for free

CSC ServiceWorks provides laundry machines to thousands of residential homes and universities, but the company ignored requests to fix a security bug.

9:05 am PDT • May 17, 2024
Two Santa Cruz students uncover security bug that let anyone do their laundry for free

A Texas-based company that provides health insurance and benefit plans disclosed a data breach affecting almost 2.5 million people, some of whom had their Social Security number stolen. WebTPA said…

Healthcare company WebTPA discloses breach affecting 2.5 million people

A hacker listed the data allegedly breached from Samco on a known cybercrime forum.

Hacker claims theft of India’s Samco account data

A top European privacy watchdog is investigating following the recent breaches of Dell customers’ personal information, TechCrunch has learned.  Ireland’s Data Protection Commission (DPC) deputy commissioner Graham Doyle confirmed to…

Ireland privacy watchdog confirms Dell data breach investigation

Flock Safety is a multibillion-dollar startup that’s got eyes everywhere. As of Wednesday, with the company’s new Solar Condor cameras, those eyes are solar-powered and use wireless 5G networks to…

Flock Safety’s solar-powered cameras could make surveillance more widespread

Private equity giant Thoma Bravo has announced that its security information and event management (SIEM) company LogRhythm will be merging with Exabeam, a rival cybersecurity company backed by the likes…

Thoma Bravo’s LogRhythm merges with Exabeam in more cybersecurity consolidation

The FBI along with a coalition of international law enforcement agencies seized the notorious cybercrime forum BreachForums on Wednesday.  For years, BreachForums has been a popular English-language forum for hackers…

FBI seizes hacking forum BreachForums — again

A feature Google demoed at its I/O confab yesterday, using its generative AI technology to scan voice calls in real time for conversational patterns associated with financial scams, has sent…

Google’s call-scanning AI could dial up censorship by default, privacy experts warn

The company said it is increasing the on-device capability of its Google Play Protect system to detect fraudulent apps trying to breach sensitive permissions.

Google adds live threat detection and screen-sharing protection to Android

Apple released new data about anti-fraud measures related to its operation of the iOS App Store on Tuesday morning, trumpeting a claim that it stopped over $7 billion in “potentially…

Apple touts stopping $1.8B in App Store fraud last year in latest pitch to developers

The person who claimed to have stolen the physical addresses of 49 million Dell customers appears to have taken more data from a different Dell portal, TechCrunch has learned. The…

Threat actor scraped Dell support tickets, including customer phone numbers

Featured Article

‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts

Estate is an invite-only website that has helped hundreds of attackers make thousands of phone calls aimed at stealing account passcodes, according to its leaked database.

5:05 am PDT • May 13, 2024
‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts

Some Indian government websites have allowed scammers to plant advertisements capable of redirecting visitors to online betting platforms. TechCrunch discovered around four dozen “gov.in” website links associated with Indian states,…

Scammers found planting online betting ads on Indian government websites

The person who claims to have 49 million Dell customer records told TechCrunch that he brute-forced an online company portal and scraped customer data, including physical addresses, directly from Dell’s…

Threat actor says he scraped 49M Dell customer addresses before the company found out

Technology giant Dell notified customers on Thursday that it experienced a data breach involving customers’ names and physical addresses. In an email seen by TechCrunch and shared by several people…

Dell discloses data breach of customers’ physical addresses

The federal government agency responsible for granting patents and trademarks is alerting thousands of filers whose private addresses were exposed following a second data spill in as many years. The…

US Patent and Trademark Office confirms another leak of filers’ address data

As part of an investigation into people involved in the pro-independence movement in Catalonia, the Spanish police obtained information from the encrypted services Wire and Proton, which helped the authorities…

Encrypted services Apple, Proton and Wire helped Spanish police identify activist

U.S. realty trust giant Brandywine Realty Trust has confirmed a cyberattack that resulted in the theft of data from its network. In a filing with regulators on Tuesday, the Philadelphia-based…

Brandywine Realty Trust says data stolen in ransomware attack

Five takeaways from the indictment of Dmitry Yuryevich Khoroshev, the hacker who U.S. and U.K. authorities accuse of being the mastermind of the LockBit ransomware gang.

What we learned from the indictment of LockBit’s mastermind

The identity of the leader of one of the most infamous ransomware groups in history has finally been revealed. On Tuesday, a coalition of law enforcement led by the U.K.’s…

US, UK police identify and charge Russian leader of LockBit ransomware gang

Wiz, the buzzy startup building an all-in-one cloud security platform, is on an acquisition march to expand its business quickly en route to an IPO. Now, it has closed a…

Wiz raises $1B at a $12B valuation to expand its cloud security platform through acquisitions

A couple of weeks ago, TechCrunch broke the news that Akamai was in discussions to acquire Noname Security, a specialist in API security, for around $500 million. Today, the deal…

Akamai confirms acquisition of Noname for $450M

An international coalition of police agencies have resurrected the dark web site of the notorious LockBit ransomware gang, which they had seized earlier this year, teasing new revelations about the…

Police resurrect LockBit’s site and troll the ransomware gang

Featured Article

UnitedHealth data breach should be a wake-up call for the UK and NHS

The ransomware attack that has engulfed U.S. health insurance giant UnitedHealth Group and its tech subsidiary Change Healthcare is a data privacy nightmare for millions of U.S. patients, with CEO Andrew Witty confirming this week that it may impact as much as one-third of the country. But it should also…

8:43 am PDT • May 3, 2024
UnitedHealth data breach should be a wake-up call for the UK and NHS