Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at

The Latest from Zack Whittaker

NationsBenefits confirms thousands had personal data stolen in Fortra breach

Another corporate giant has confirmed thousands of healthcare members had information stolen in the cyberattack targeting Fortra customers. Florida-based technology company NationsBenefits said in a d

Hackers publish sensitive employee data stolen during CommScope ransomware attack

Hackers published a trove of data stolen from U.S. network infrastructure giant CommScope, including thousands of employees’ Social Security numbers and bank account details. The North Carolina–ba

The Security Stage debuts at Disrupt 2023

If you haven’t noticed, the internet is frequently on fire. Overseas cyberattacks are hitting public services like healthcare at home. Data breaches are the new school “snow days.” S

Throne fixes security bug that exposed creators’ private home addresses

A recently fixed security bug at a popular platform for supporting creators shows how even privacy-focused platforms can put creators’ private information at risk. Throne, founded in 2021, bills

Alcohol recovery startups Monument and Tempest shared patients’ private data with advertisers

For years, online alcohol recovery startups Monument and Tempest were sharing with advertisers the personal information and health data of their patients without their consent. Monument, which acquire

Lawmakers call on USPS to combat surge in ‘change of address’ fraud

A group of bipartisan lawmakers has called on the U.S. Postal Service to strengthen its internal processes to reduce change of address fraud, which each year allows fraudsters to redirect thousands of

Biden executive order bans federal agencies from using commercial spyware

The Biden administration on Monday announced a new executive order that would broadly ban U.S. federal agencies from using commercially developed spyware that poses threats to human rights and nationa

Fortra told breached companies their data was safe

Software maker Fortra told its corporate customers that their data was safe — even when it wasn’t — following a ransomware attack on its systems, TechCrunch has learned. As we have been repo

Kids tech camp iD Tech still silent weeks after data breach

Parents are still looking for answers weeks after hackers stole the personal data of thousands of users from kids’ tech coding camp iD Tech, with some fearing that their children’s data wa

New victims come forward after mass-ransomware attack

The number of victims affected by a mass-ransomware attack, caused by a bug in a popular data transfer tool used by businesses around the world, continues to grow as another organization tells TechCru

Google warns users to take action to protect against remotely exploitable flaws in popular Android phones

Google’s security research unit is sounding the alarm on a set of vulnerabilities it found in certain Samsung chips included in dozens of Android models, wearables and vehicles, fearing the flaws co

Telehealth startup Cerebral shared millions of patients’ data with advertisers

Cerebral has revealed it shared the private health information, including mental health assessments, of more than 3.1 million patients in the United States with advertisers and social media giants lik

PeopleGrove security lapse exposed users’ personal information

PeopleGrove confirmed Thursday that it’s investigating after a security lapse exposed users’ personal information online. The company, formerly CampusKudos, which provides and hosts a soci

Today’s startups should terrify you

A steady stream of new startups pitch their ideas, concepts, products and services on a daily basis to TechCrunch reporters: Startups that claim to predict when employees might want to leave for a new

Secret Service and ICE conducted warrantless stingray surveillance, says watchdog

A government watchdog has found that the Secret Service and ICE’s Homeland Security Investigations (HSI) unit repeatedly failed to obtain the correct legal paperwork when carrying out invasive c

The life-upending flaw that USPS won’t fix

Sometime in November, someone walked into a U.S. post office and filled out a change of address form, just as tens of millions do each year to route their mail to a new address. The person signed the

Sensitive US military emails spill online

A government cloud server was spilling internal military emails data onto the open internet because no password was set.

How to keep your Twitter secure without giving Elon Musk any money

Late on Friday, Twitter announced a new policy that will remove text message two-factor authentication (2FA) from any account that won’t pay for it. In a blog post, Twitter said that it will onl

Atlassian and Envoy briefly blame each other for data breach

Australian software giant Atlassian and Envoy, a startup that provides workplace management services, were at loggerheads on Thursday over a data breach that exposed the data of thousands of Atlassia

Weee! grocery startup says customer data stolen in data breach

Weee!, a U.S. online grocery delivery startup that specializes in Asian and Hispanic foods, says it was hacked and that a year’s worth of customer data was stolen. In a brief statement published
Load More