Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at zack.whittaker@techcrunch.com and zack.whittaker@protonmail.com

The Latest from Zack Whittaker

Fragomen, a law firm used by Google, confirms data breach

Immigration law firm Fragomen, Del Rey, Bernsen & Loewy has confirmed a data breach involving the personal information of current and former Google employees. The New York-based law firm provides

Decrypted: How Twitter was hacked, GitHub DMCA backfires

One week to the U.S. presidential election and things are getting spicy. It’s not just the rhetoric — hackers are actively working to disrupt the election, officials have said, and last week t

President Trump’s Twitter accessed by security expert who guessed password ‘maga2020!’

A Dutch security researcher says he accessed President Trump’s @realDonaldTrump Twitter account last week by guessing his password: “maga2020!”. Victor Gevers, a security researcher

Security testing firm NSS Labs ceases operations, citing coronavirus

Security testing company NSS Labs “ceased operations” last week, the company said in a notice on its website, citing impacts related to the ongoing coronavirus pandemic. The Austin, Texas-

Apple, Opera and Yandex fix browser address bar spoofing bugs, but millions more still left vulnerable

Year after year, phishing remains one of the most popular and effective ways for attackers to steal your passwords. As users, we’re mostly trained to spot the telltale signs of a phishing site,

Trump says ‘nobody gets hacked’ but forgot his hotel chain was hacked — twice

According to President Trump speaking at a campaign event in Tucson, Arizona, on Monday, “nobody gets hacked.” You don’t need someone who covers security day in and day out to call b

US charges Russian hackers blamed for Ukraine power outages and the NotPetya ransomware attack

Six Russian intelligence officers accused of launching some of the “world’s most destructive malware” — including an attack that took down the Ukraine power grid in December 2015 a

A prison video visitation service exposed private calls between inmates and their attorneys

Exclusive: Calls supposed to be protected by attorney-client privilege were recorded and transcribed.

Dr Lal PathLabs, one of India’s largest blood test labs, exposed patient data

Dr Lal PathLabs, one of the largest lab testing companies in India, left a huge cache of patient data on a public server for months, TechCrunch has learned. The lab testing giant, headquartered in New

Decrypted: The major ransomware attack you probably didn’t hear about

Watching the news this past week was like drinking from a firehose. Speaking of which, you probably missed a busy week in cybersecurity, so here are the big stories from the past week. THE BIG PICTURE

Security flaw left ‘smart’ chastity sex toy users at risk of permanent lock-in

Just because almost every gadget or appliance can be connected to the internet, doesn’t mean they should be. Outages can render these “smart” devices useless, and many use weak security

A security flaw in Grindr let anyone easily hijack user accounts

Grindr, one of the world’s largest dating and social networking apps for gay, bi, trans, and queer people, has fixed a security vulnerability that allowed anyone to hijack and take control of an

Facebook sues two companies engaged in data scraping operations

Facebook today says it has filed a lawsuit in the U.S. against two companies that had engaged in an international “data scraping” operation. The operation extended across Facebook properti

Imperva to acquire database security startup jSonar

Cybersecurity giant Imperva will acquire jSonar, a database security startup that recently landed $50 million from Goldman Sachs. Financial terms of the deal weren’t disclosed. The acquisition o

How 3 remote-friendly tech companies plan to return to the office

Six months ago, millions of workers left their offices for the last time without realizing it. Many would be laid off because of the pandemic, but for those fortunate to keep their jobs, some of their

Applicants say DC Bar exposed their personal data and background checks

Lawyers applying for a license to practice law in Washington, D.C., say a security lapse by the bar association exposed their application files, including their government-issued IDs and background ch

After breach, Twitter hires a new cybersecurity chief

Following a high-profile breach in July, Twitter has hired Rinki Sethi as its new chief information security officer. Sethi most recently served as chief information security officer at cloud data man

Microsoft outage leaves users unable to access Office, Outlook, Teams

Microsoft said it’s investigating an authentication outage with Office 365, preventing users from accessing some of the company’s most widely used services, including Office.com, Outlook.c

Healthcare giant UHS hit by ransomware attack, sources say

Universal Health Services, one of the largest healthcare providers in the U.S., has been hit by a ransomware attack. The attack hit UHS systems early on Sunday morning, according to two people with di

Trump administration’s TikTok ban has been delayed

A U.S. federal court has said a ban on TikTok will not go into effect on Monday, as scheduled. The move to delay the anticipated ban will allow Americans to continue using the app while the court con
Load More