Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at zack.whittaker@techcrunch.com and zack.whittaker@protonmail.com

The Latest from Zack Whittaker

Hackers release a new jailbreak tool for almost every iPhone

An iPhone hacking team has released a new jailbreak tool for almost every iPhone, including the most recent models, by using the same vulnerability that Apple last month said was under active attack b

Jamaica’s JamCOVID pulled offline after third security lapse exposed travelers’ data

Jamaica’s JamCOVID app and website were taken offline late on Thursday following a third security lapse, which exposed quarantine orders on more than half a million travelers to the island. JamC

SolarWinds hackers targeted NASA, Federal Aviation Administration networks

Hackers are said to have broken into the networks of U.S. space agency NASA and the Federal Aviation Administration as part of a wider espionage campaign targeting U.S. government agencies and private

Jamaica’s Amber Group fixes second JamCOVID security lapse

Amber Group has fixed a second security lapse that exposed private keys and passwords for the government’s JamCOVID app and website. A security researcher told TechCrunch on Sunday that the Ambe

Data breach warning after California DMV contractor hit by file-stealing ransomware

California’s Department of Motor Vehicles is warning of a potential data breach after a contractor was hit by ransomware. The Seattle-based Automatic Funds Transfer Services (AFTS), which the DM

Jamaica’s immigration website exposed thousands of travelers’ data

A security lapse by a Jamaican government contractor has exposed immigration records and COVID-19 test results for hundreds of thousands of travelers who visited the island over the past year. The Jam

Notion’s hours-long outage was caused by phishing complaints

Last week’s hours-long outage at online workspace startup Notion was caused by phishing complaints, according to the startup’s domain registrar. Notion was offline for most of the morning

Online workspace startup Notion hit by outage, citing DNS issues

Notion, the online workspace startup that was last year valued at over $2 billion, was knocked offline after a DNS outage. The collaborative online office and document service was not loading as of ar

A webcam app left thousands of user accounts exposed online

A webcam app installed by thousands of users left an exposed database packed with user data on the internet without a password. The Elasticsearch database belonged to Adorcam, an app for viewing and c

Ancestry says it fought two police requests to search its DNA database

Consumer genomics company Ancestry has confirmed it fought two U.S. law enforcement requests to access its DNA database in the past six months, but that neither request resulted in turning over custom

Israeli startup CYE raises $100M to help companies shore up their cyber-defenses

Cybersecurity startup CYE has raised $100 million in a new growth round, led by investment firm EQT and with participation from 83North. CYE was founded in 2012 by Reuven Aronashvili to help companies

Decrypted: A hacker attempted to poison Florida town’s water supply

Oldsmar is a small town in Florida that became the center of the cyber world this week when a hacker broke into its drinking water supply and tried to poison it. It’s the nightmare scenario that

CD Projekt hit by ransomware attack, refuses to pay ransom

Polish video game maker CD Projekt, which makes Cyberpunk 2077 and The Witcher, has confirmed it was hit by a ransomware attack. In a statement posted to its Twitter account, the company said it will

Minneapolis police tapped Google to identify George Floyd protesters

The warrant ordered Google to turn over a set of user account data. Civil liberties groups have criticized the use of these dragnet search warrants.

Clearview AI ruled ‘illegal’ by Canadian privacy authorities

Controversial facial recognition startup Clearview AI violated Canadian privacy laws when it collected photos of Canadians without their knowledge or permission, the country’s top privacy watchd

Metromile says a website bug let a hacker obtain driver license numbers

Car insurance startup Metromile said it has fixed a security flaw on its website that allowed a hacker to obtain driver license numbers. The San Francisco-based insurance startup disclosed the securit

Amazon says government demands for user data spiked by 800% in 2020

New transparency figures released by Amazon show the company responded to a record number of government data demands in the last six months of 2020. The new figures land in the company’s bi-annu

Location broker X-Mode continues to track users despite app store bans

Apple and Google banned apps from sharing users' location data with X-Mode, a data broker with links to U.S. military contractors.

Apple says iOS 14.4 fixes three security bugs ‘actively exploited’ by hackers

Apple has released iOS 14.4 with security fixes for three vulnerabilities, said to be under active attack by hackers. The technology giant said in its security update pages for iOS and iPadOS 14.4 tha

Cybersecurity startup SpiderSilk raises $2.25M to help prevent data breaches

Dubai-based cybersecurity startup SpiderSilk has raised $2.25 million in a pre-Series A round, led by venture firms Global Ventures and STV. In the past two years, SpiderSilk has discovered some of th
Load More