Zack Whittaker

Zack Whittaker

Security editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

He can also be reached by email: zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

A leaky database of SMS text messages exposed password resets and two-factor codes

A security lapse has exposed a massive database containing tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more. The exposed server belo

Facebook reports a massive spike in government demands for data, including secret orders

Facebook has published the details of 13 historical national security letters it’s received for user data. The embattled social media giant said that the letters dated between 2014 and 2017 for

Facebook’s weapon amid chaos and controversy: misdirection

The New York Times’ bombshell report into the past three years at Facebook paint a grotesque picture of the company’s attempts to navigate a string of high-profile controversies by using u

Tech giants take seats on Homeland Security’s new supply chain task force

Homeland Security’s supply chain task force is finally off the ground. The public-private coalition, set up earlier this year, now has representatives from more than two dozen companies and indu

Judge orders Amazon to turn over Echo recordings in double murder case

A New Hampshire judge has ordered Amazon to turn over two days of Amazon Echo recordings in a double murder case. Prosecutors believe that recordings from an Amazon Echo in a Farmington home where two

Meet the Magecart hackers, a persistent credit card skimmer group of groups you’ve never heard of

There have been few hacker groups that have been responsible for as many headlines this year as Magecart. You might not know the name, but you probably haven’t missed their work — highly targ

1-877-KARS4KIDS had a data breach

Bad news: 1-877-KARS4KIDS had a data breach. Worse news: now you’ll have that awful jingle stuck in your head all day. The New Jersey-based charity has plagued the American airwaves for years wi

Facebook bug let websites read ‘likes’ and interests from a user’s profile

Facebook has fixed a bug that let any website pull information from a user’s profile — including their “likes” and interests — without that user’s knowledge. That’s t

Twitter, those ‘verified’ bitcoin-pushing pillocks are pissing everyone off

Elon Musk’s tweets piss me off for two reasons. When he’s not accusing actual heroes of sex crimes or trolling the federal government, it’s what comes after that drives me batshit. T

Cloudflare rolls out its 1.1.1.1 privacy service to iOS, Android

Months after announcing its privacy-focused DNS service, Cloudflare is bringing 1.1.1.1 to mobile users. Granted, nothing ever stopped anyone from using 1.1.1.1 on their phones or tablets already. But

Gift Guide: The best security and privacy tech to keep your friends safe

Welcome to TechCrunch’s 2018 Holiday Gift Guide! Need more gift ideas? Check out our Gift Guide Hub. Libertarian on lockdown? Privacy minded or paranoid? Security is more front of mind today tha

Hackers stole income, immigration and tax data in Healthcare.gov breach, government confirms

Hackers siphoned off thousands of Healthcare.gov applications by breaking into the accounts of brokers and agents tasked with helping customers sign up for healthcare plans. The Centers for Medicare a

Utah man pleads guilty to causing 2013 gaming service outages

A Utah man has pleaded guilty to computer hacking charges, after admitting to knocking several gaming services offline five years ago. Austin Thompson, 23, launched several denial-of-service attacks a

Security flaw in DJI’s website and apps exposed accounts to hackers and drone live feeds

It took about six months for popular consumer drone maker DJI to fix a security vulnerability across its website and apps, which if exploited could have given an attacker unfettered access to a drone

Georgia’s secretary of state Brian Kemp doxes thousands of absentee voters

Georgia’s secretary of state and candidate for state governor in the midterm election, Brian Kemp, has taken the unusual, if not unprecedented step of posting the personal details of 291,164 ab

Hours before US Election Day, Facebook pulls dozens of accounts for ‘coordinated inauthentic behavior’

Facebook has pulled the plug on 30 accounts and 85 Instagram accounts that the company says were engaged in “coordinated inauthentic behavior.” Facebook’s head of cybersecurity polic

A Swedish ISP has blocked Elsevier’s website in protest for forcing it to block Sci-Hub

A little known fact about Swedes: when they get angry, they will often scribble down a note on paper — sometimes anonymously — and leave it where it will be seen, rather than confront a person fac

Apple rolls out watchOS 5.1.1 after earlier Apple Watch bricking issues

Apple has rolled out watchOS 5.1.1, less than a week after the company pulled its immediate predecessor, watchOS 5.1, following reports that the software was bricking some Apple Watches. The update al

Security researchers have busted the encryption in several popular Crucial and Samsung SSDs

Researchers at Radboud University have found critical security flaws in several popular Crucial and Samsung solid state drives (SSDs), which they say can be easily exploited to recover encrypted data

In a court filing, Edward Snowden says a report critical to an NSA lawsuit is authentic

An unexpected declaration by whistleblower Edward Snowden filed in court this week adds a new twist in a long-running lawsuit against the National Security Agency’s surveillance programs. The ca
Load More