Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

US government agencies bought Chinese surveillance tech despite federal ban

This story was reported in partnership with video surveillance news site IPVM. At least three U.S. federal agencies, including the military, have purchased China-made video surveillance equipment bann

On legal demands and press freedoms

In August 2020, two FBI agents were standing on my doorstep, unannounced, wanting to ask me questions about a TechCrunch story we had published the year before. The story was about how a hacker took t

Apple files lawsuit against NSO Group over Pegasus spyware

Apple has launched a lawsuit against NSO Group, the maker of the nation-state spyware Pegasus, seeking a permanent injunction to prevent the spyware maker from using any Apple product or service. In a

Gift Guide: The smart home starter kit

A year ago I accidentally turned my house into a smart home. What started out as an easy (and lazy, let’s be honest) way to switch off the radio in the kitchen without getting up from the couch

GoDaddy says data breach exposed over a million user accounts

Web hosting giant GoDaddy has reported a data breach, and warns that data on 1.2 million customers may have been accessed. In a filing with the Securities and Exchange Commission, GoDaddy’s chie

HPE says Aruba customer data compromised after data breach

HPE has confirmed that a “limited subset” of customer data was taken in a data breach involving its subsidiary Aruba Networks, a maker of networking equipment. The enterprise technology gi

Robinhood says millions of customer names and email addresses taken in data breach

Online stock trading platform Robinhood has confirmed it was hacked last week with more than five million customer email addresses and two million customer names taken, as well as a much smaller set o

US federal agencies told to patch hundreds of security bugs

The Biden administration has ordered nearly all federal agencies to patch hundreds of security bugs, some that were first found the best part of a decade ago. The new binding operational directive, is

A security bug in health app Docket exposed COVID-19 vaccine records

A security bug in the health app Docket exposed the private information of residents vaccinated against COVID-19 in New Jersey and Utah, where the app received endorsements from state officials. Docke

US retail giants pull Chinese surveillance tech from shelves

This story was reported in partnership with video surveillance news site IPVM. Retail giants Home Depot and Best Buy have pulled the Chinese video surveillance technology makers Lorex and Ezviz from t

Olympus US hack tied to sanctioned Russian ransomware group

An “ongoing” cyberattack against the Japanese technology giant Olympus was caused by a Russian ransomware group sanctioned by the U.S. government, according to two people with knowledge of

A massive ‘stalkerware’ leak puts the phone data of thousands at risk

The private phone data of hundreds of thousands of people are at risk. Call records, text messages, photos, browsing history, precise geolocations and call recordings can all be pulled from a person&#

Google pulls ‘stalkerware’ ads that promoted phone spying apps

Google has pulled several “stalkerware” ads that violated its policies by promoting apps that encouraged prospective users to spy on their spouses’ phone. These consumer-grade spywar

Security takes center stage at TC Sessions: SaaS this month

Microsoft, Cisco and Amplitude talk security at TC Sessions: SaaS this month. Enterprises face a constant stream of threats, from nation-state hackers and cybercriminals to corporate insiders. But the

Twitch confirms hack after source code and creator payout data leaks online

A huge cache of source code repositories, creator payouts and other internal data from Twitch has been published online after a data breach, the company has confirmed. In a post on Tuesday (but which

Facebook, WhatsApp and Instagram are slowly returning. Why did they disappear to begin with?

Facebook’s day-long outage is by far its longest and most extreme in years. At around 9 a.m. PDT on the U.S. West Coast — where the social giant is headquartered — Facebook, WhatsApp

Russian authorities arrest cybersecurity giant Group-IB’s CEO on treason charges

Russian authorities have arrested and detained Ilya Sachkov, the co-founder and chief executive of Group-IB — one of the biggest cybersecurity companies in the country — on charges of treason. Det

YC-backed Malloc wants to take the sting out of mobile spyware

Mobile spyware is one of the most invasive and targeted kinds of unregulated surveillance, since it can be used to track where you go, who you see and what you talk about. And because of its stealthy

Twitter’s Rinki Sethi on why CISOs win when security is a shared responsibility

Sethi draws on her decade-plus cybersecurity experience to talk about the role of the modern CISO and how the next-generation of CISOs can stay ahead.

Osano, a risk and compliance startup, raises $11M

Osano, a risk and compliance startup, has confirmed it has raised $11 million in new funding. The round was led by Jump Capital, with participation from existing investors LiveOak Venture Partners and
Load More