Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

Health startup myNurse to shut down after data breach exposed health records

myNurse, a healthcare startup that provides chronic care management and remote patient monitoring services, said it will shut down at the end of the month after reporting a data breach that exposed pe

How to remove your personal information from Google search results

Cybersecurity 101: It's now easier to request the removal of your personal information from Google search results.

US offers bounty for Sandworm, the Russian hackers blamed for destructive cyberattacks

The U.S. government has stepped up its hunt for six Russian intelligence officers, best known as the state-backed hacking group dubbed “Sandworm,” by offering a $10 million bounty for info

Web scraping is legal, US appeals court reaffirms

Good news for archivists, academics, researchers and journalists: Scraping publicly accessible data is legal, according to a U.S. appeals court ruling. The landmark ruling by the U.S. Ninth Circuit of

‘Always on and watching’: A former Xinjiang prisoner describes life inside China’s detention camps

For 10 months in 2018, Ovalbek Turdakun was a prisoner in one of China’s notorious detention camps, where he was tortured, subject to horrific conditions and under constant surveillance. In a ma

HacWare lands $2.3M to expand cybersecurity awareness training

If you work at a company above a certain size, you’ll understand just how little patience we all feel for internal phishing awareness, even despite the fact that phishing remains one of the lead

Autonomous robots used in hundreds of hospitals at risk of remote hijacks

A decade ago security researcher Barnaby Jack famously wirelessly hacked a hospital insulin pump live on stage in front of hundreds of people to demonstrate how easily it could be compromised to deliv

‘We probably pissed away $200 million,’ Better.com CEO told employees in layoffs meeting

When Better.com CEO Vishal Garg laid off 900 employees, or about 9% of the company’s staff, in early December, the startup world was shocked by his callous delivery. Now a video of Garg and CFO Kevi

FBI operation aims to take down massive Russian GRU botnet

The Federal Bureau of Investigation has disclosed it carried out an operation in March to target a massive botnet controlled by Russian intelligence. The operation was authorized by courts in Califor

NSO hacked new Pegasus victims weeks after Apple sought injunction

Investigators say they have found evidence that a Jordanian journalist and human rights defender’s iPhone was hacked with the Pegasus spyware just weeks after Apple sued the spyware’s make

Skiff lands $10.5M to build out its end-to-end encrypted workspaces

Six months after launching its end-to-end encrypted document editor, Skiff has bagged another $10.5 million in fresh funding to build out private and collaborative workspaces for its burgeoning custom

Lapsus$ found a spreadsheet of accounts as they breached Okta, documents show

The Lapsus$ hackers used compromised credentials to break into the network of customer service giant Sitel in January, days before subsequently accessing the internal systems of authentication giant O

Okta says hundreds of companies impacted by security breach

Okta says 366 corporate customers, or about 2.5% of its customer base, were impacted by a security breach that allowed hackers to access the company’s internal network. The authentication giant

Okta confirms January breach after hackers publish screenshots of its internal network

Identity giant Okta has confirmed a January security incident after hackers posted screenshots overnight apparently showing access to the company’s internal systems. The Lapsus$ hacking group pu

A security lapse exposed India’s CISF personnel files and health records

Internal documents, officer health records, and personnel files belonging to India’s Central Industrial Security Force spilled online because of a data security lapse. A security researcher in I

Ukrainian hackers say HackerOne is blocking their bug bounty payouts

Ukrainian hackers and security researchers say bug bounty platform HackerOne is withholding their bug bounty rewards, in some cases thousands of dollars, and refusing to let hackers withdraw their ear

Ubisoft won’t say why it reset employee passwords after ‘cyber incident’

Gaming giant Ubisoft has confirmed a cybersecurity incident that led to the mass-reset of company passwords, but has declined to say what the incident actually was. In a brief statement, Ubisoft said:

European lawmakers launch investigation into use of Pegasus spyware by EU states

The European Parliament voted on Thursday to create a new “committee of inquiry” to investigate allegations that European member states acquired and used the powerful Pegasus mobile spywar

REvil hacker accused of Kaseya ransomware attack arrested and extradited to the US

An alleged key member of the REvil ransomware group, who federal authorities say is responsible for the Kaseya hack that encrypted thousands of its customers’ networks, has been arrested and ext

How a simple security bug became a university campus ‘master key’

When Erik Johnson couldn’t get his university’s mobile student ID app to reliably work, he sought to find a workaround. The app is fairly important, since it allows him and every other stu
Load More