Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at zack.whittaker@techcrunch.com.

The Latest from Zack Whittaker

Amazon’s Ring gave a record amount of doorbell footage to the government in 2021

Ring, the maker of internet-connected video doorbells and security cameras, said in its latest transparency report that it turned over a record amount of doorbell footage and other information to U.S.

A huge data leak of 1 billion records exposes China’s vast surveillance state

A massive store of data containing information on about one billion Chinese residents could be one of the biggest breaches of personal information in history. Portions of the leaked data appeared last

Apple says Lockdown Mode in iOS 16 will help block government spyware attacks

Apple said Wednesday it will bring a new “Lockdown Mode” to its upcoming iPhone and Mac software that will switch off certain features aimed at helping targeted individuals combat governme

WeWork India exposed visitors’ personal information and selfies

WeWork India has fixed a security lapse that exposed the personal information and selfies of tens of thousands of people who visited WeWork India’s coworking spaces. Security researcher Sandeep

How did a rental startup I’d never heard of leak my home address?

I consider myself a fairly privacy-conscious person, going out of my way to evade online tracking and, for the most part, avoiding spam mail. But when I found myself staring at my home address on the

Period tracker Stardust surges following Roe reversal, but its privacy claims aren’t airtight

Period tracking app Stardust surged to the top of the U.S. Apple App Store in the wake of the Supreme Court’s decision to overturn Roe v. Wade after the app promised it will encrypt its users’ pri

Google is notifying Android users targeted by Hermit government-grade spyware

Security researchers at Lookout recently tied a previously unattributed Android mobile spyware, dubbed Hermit, to Italian software house RCS Lab. Now, Google threat researchers have confirmed much of

Ex-Amazon employee convicted over data breach of 100 million CapitalOne customers

Paige Thompson, a former Amazon employee accused of stealing the personal information of 100 million customers by breaching banking giant CapitalOne in 2019, has been found guilty by a Seattle jury on

Researchers say Hermit, a powerful mobile spyware, is used by governments

Security researchers at Lookout have released new details about an Android spyware deployed in targeted attacks by national governments, with victims in Kazakhstan, Syria and Italy. The spyware, which

India’s farmers exposed by new Aadhaar data leak

A security researcher said an Indian government website was exposing the Aadhaar numbers of India’s farmers, potentially amounting to millions of people. Atul Nair told TechCrunch that he found

Caught COVID-19 abroad? Good luck, you might get stuck

The idea of being stranded on a Caribbean island might not sound like the worst thing in the world after two years of a pandemic, but speaking from experience, it’s not as fun as it sounds. I ca

Thousands of Mobike users’ passports and IDs exposed online

A massive trove of more than 120,000 passports, drivers licenses and identity documents uploaded by users of bike-sharing service Mobike have been found online. Security researcher Bob Diachenko foun

macOS will soon block unknown USB-C accessories by default

A new security feature in Apple’s upcoming macOS 13 Ventura will automatically block new USB-C devices from communicating with the operating system until the accessory can be approved by the use

NJ talent firm exposed thousands of resumes, detailing immigration statuses and security clearances

A New Jersey talent acquisition firm exposed the resumes and personal information of at least 30,000 prospective workers by leaving a database on the internet without a password. The database belongs

Hackers compromised some Zola user accounts to buy gift cards

Zola, a wedding planning startup that allows couples to create websites, budgets and gift registries, has confirmed that hackers gained access to user accounts but has denied a breach of its systems.

DOJ says it will no longer prosecute good-faith hackers under CFAA

The U.S. Justice Department announced Thursday it will not bring charges under federal hacking laws against security researchers and hackers who act in good faith. The policy for the first time &#8220

Texas exposed 1.8 million residents’ data for almost 3 years

The personal information of 1.8 million Texas residents who filed insurance claims with the Texas Department of Insurance was exposed and publicly accessible for almost three years, according to a rec

Socket lands $4.6M to audit and catch malicious open source code

Securing the software supply chain is admittedly somewhat of a dry topic, but knowing which components and code go into your everyday devices and appliances is a critical part of the software developm

Google, Microsoft and Yahoo back New York ban on controversial search warrants

A coalition of tech giants, including Google, Microsoft and Yahoo, have pledged support for a New York bill that would ban the use of controversial search warrants that can identify people based on th

Workrise fixes API that spilled users’ personal information

Workforce management unicorn Workrise has fixed an exposed API that was spilling some users’ personal information. The Austin, Texas-based startup, which previously went by RigUp, was founded in
Load More