Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by e-mail at

The Latest from Zack Whittaker

Palo Alto Networks’ firewall bug under attack brings fresh havoc to thousands of companies

Organizations are urged to patch their Palo Alto firewalls after researchers discover evidence of malicious exploitation dating back to late March.

Omni Hotels says customers’ personal data stolen in ransomware attack

A ransomware gang called Daixin has taken credit for the breach, and claimed to steal millions of customer records dating back to 2017.

Change Healthcare stolen patient data leaked by ransomware gang

This is the second group to demand a ransom payment from Change Healthcare to prevent the release of stolen patient data in as many months.

Government spyware is another reason to use an ad blocker

Spyware makers are reportedly working on targeting individuals with stealthy data-stealing malware using online banner ads.

Roku says 576,000 user accounts hacked after second security incident

Roku said it discovered malicious hackers compromised more than half a million user accounts while investigating an earlier spate of account hacks.

US think tank Heritage Foundation hit by cyberattack

Founded in 1973, the Washington DC-based Heritage Foundation and supports and lobbies on conservative issues.

US says Russian hackers stole federal government emails during Microsoft cyberattack

CISA said the latest theft of government email — blamed on Russian government hackers — presents "a grave and unacceptable risk" to U.S. federal agencies.

US government urges Sisense customers to reset credentials after hack

The U.S. cybersecurity agency said it was responding to a "recent compromise" at the data analytics giant, which provides business intelligence to critical infrastructure companies.

AT&T notifies regulators after customer data breach

The legally required disclosure came a week after AT&T confirmed a cache containing millions of customers' data that leaked online was genuine.

Microsoft employees exposed internal passwords in security lapse

The tech giant secured a cloud storage server that was inadvertently spilling Microsoft internal data and credentials to the open internet.

Targus says cyberattack is causing operational outage

Targus' parent company, B. Riley Financial, said it discovered "a threat actor gained unauthorized access to certain of Targus’ file systems."

‘Reverse’ searches: The sneaky ways that police tap tech companies for your private data

Reverse searches cast a digital dragnet over a tech company's store of user data to catch the information that police are looking for.

AT&T resets account passcodes after millions of customer records leak online

A security researcher told TechCrunch that leaked AT&T customer data contained encrypted account passcodes that can be easily unscrambled.

US offers $10M to help catch Change Healthcare hackers

The government's reward for information now extends to ALPHV's affiliates, which claimed responsibility for a massive weekslong healthcare cyberattack.

UK blames China for massive breach of voter data

It's the first time the United Kingdom has attributed the massive breach of millions of citizens' voter data since the cyberattack was first disclosed in 2023.

AT&T won’t say how its customers’ data spilled online

Customers say their leaked AT&T customer data — names, addresses, phone numbers and Social Security numbers — is accurate.

DOT to investigate data security and privacy practices of top US airlines

The U.S. Department of Transportation announced its first industry-wide review of data security and privacy policies across the largest U.S. airlines. The DOT said in a press release Thursday that the

Users say Glassdoor added real names to user profiles without their consent

One user said Glassdoor pulled her full name from an email and added it to her profile. Another user said it wasn't clear how Glassdoor got his data.

Mintlify says customer GitHub tokens exposed in data breach

Documentation startup Mintlify says dozens of customers had GitHub tokens exposed in a data breach at the start of the month and publicly disclosed last week. Mintlify helps developers create document

Tech giant Fujitsu says it was hacked, warns of data breach

Multinational technology giant Fujitsu confirmed a cyberattack in a statement Friday, and warned that hackers may have stolen personal data and customer information. “We confirmed the presence o
Load More