Decrypted: Chegg’s third time unlucky, Okta’s new CSO, Rapid7 beefs up cloud security

Ransomware is getting sneakier and smarter.

The latest example comes from ExecuPharm, a little-known but major outsourced pharmaceutical company that confirmed it was hit by a new type of ransomware last month. The incursion not only encrypted the company’s network and files, hackers also exfiltrated vast amounts of data from the network. The company was handed a two-for-one threat: pay the ransom and get your files back or don’t pay and the hackers will post the files to the internet.

This new tactic is shifting how organizations think of ransomware attacks: it’s no longer just a data-recovery mission; it’s also now a data breach. Now companies are torn between taking the FBI’s advice of not paying the ransom or the fear their intellectual property (or other sensitive internal files) are published online.

Because millions are now working from home, the surface area for attackers to get in is far greater than it was, making the threat of ransomware higher than ever before.

That’s just one of the stories from the week. Here’s what else you need to know.


Chegg hacked for the third time in three years

Education giant Chegg confirmed its third data breach in as many years. The latest break-in affected past and present staff after a hacker made off with 700 names and Social Security numbers. It’s a drop in the ocean when compared to the 40 million records stolen in 2018 and an undisclosed number of passwords taken in a breach at Thinkful, which Chegg had just acquired in 2019.

Those 700 names account for about half of its 1,400 full-time employees, per a filing with the Securities and Exchange Commission. But Chegg’s refusal to disclose further details about the breach — beyond a state-mandated notice to the California attorney general’s office — makes it tough to know exactly went wrong this time.

LabCorp sued for ‘concealing’ data breach

A LabCorp shareholder has filed a derivative suit on behalf of the company, no less, alleging that its board, including the laboratory giant’s senior leadership team — concealed details of two data breaches from shareholders.

The first breach related to the massive data breach at AMCA, a billing provider contracted to LabCorp, Quest and others, that saw millions of patient records stolen in 2019. A second security lapse saw thousands of patient documents — including health data — exposed by mistake. The lapse was discovered in-house by TechCrunch and disclosed to LabCorp. The shareholder accused LabCorp of not disclosing the incident to investors, adding that had TechCrunch not informed LabCorp of the incident, the company’s systems would still be exposed and “continued to expose patients'” personal data, the complaint reads.

Academics and startups clash over contact-tracing privacy

Coronavirus rolls on, as do the efforts to trace the spread of the deadly virus. Contact tracing will help understand who has come into contact with a person confirmed with COVID-19, but also help inform those potentially exposed. But not everyone’s on the same page.

Last week, hundreds of academics backed a privacy-focused solution, one that involves Bluetooth to anonymously detect interactions with other people, as opposed to a location-based system that critics argue would unnecessarily invade people’s privacy. One of the biggest efforts is by Apple and Google. But the U.K. wants to buck the trend by potentially including location data, which prompted security experts to decry the move.

Reuters this week also looked at the efforts by cyber-intelligence firms, many of which have raised eyebrows because of their regular day jobs — supplying phone hacking technology and mobile spyware for dictators and despots. One of those is NSO Group, which Facebook-owned WhatsApp is suing for allegedly developing an exploit used to hack into victims’ devices using WhatsApp.

Can privacy prevail?


Identity giant Okta has a new chief executive officer.

You might not think it’s a good time for a company to make new hires amid economic downturns and forced remote work. But David Bradbury, a former Symantec executive, told TechCrunch that while it was “the most challenging start” to a role he’s had, it could not have come at a more crucial time.

Okta, if you don’t know, secures networks with its multi-factor authentication technology to ensure only the right people, such as employees, can log onto a corporate network and its resources. Things are going well for Okta. Working from home has been a boon for the company, which has seen close to 60% increase in unique users in the past month.

We spoke exclusively with Bradbury prior to the formal announcement of his new role.


Resistant AI secured the financial backing for its seed round led by two cybersecurity major investors, Index and Credo. The venture firms will invest $2.75 million in total, along with participating firm Seedcamp. Resistant AI’s technology sits on top of existing artificial intelligence systems to help prevent automated fraudulent transactions.

Security platform provider Rapid7 has snapped up DivvyCloud for $145 million to beef up its cloud security chops. The acquisition will help Rapid7 dig more into its cloud offerings. Rapid7 also has an active security research wing, some of its work we’ve covered before on TechCrunch.

And sad news for the Cliqz team, which this week pulled the plug on its privacy-focused, anti-tracking search engine alternative. Cliqz was founded in 2008 and later bought Ghostery, the anti-tracking tool. The company said it was blindsided by the coronavirus outbreak in a market that’s dominated by its main rival, Google. “We didn’t see a pandemic coming,” said the company in a blog post. In fairness, neither did anyone else but wasn’t able to adjust its business model accordingly.

Send tips securely over Signal and WhatsApp to +1 646-755-8849.