A leading venture capital (VC) firm has revealed more details of a 2024 ransomware breach that impacted thousands of individuals.
Insight Partners, which counts several cybersecurity companies among its portfolio, explained in a breach notification letter that it first detected the personal data breach on January 16 2025, although the incident occurred on around October 25 2024.
“A threat actor successfully used a sophisticated social engineering attack to gain access to the affected servers. Once inside, the threat actor began exfiltrating data from these servers, and beginning at or around 10:00 a.m. EST on January 16, 2025, began encrypting these servers,” it said.
“Working with third-party investigators and cybersecurity experts, Insight Partners took immediate efforts to contain and remediate the incident, and to expel the threat actor from Insight Partners’ systems, which it successfully did on January 16, 2025.”
Read more on venture capital: VC Investment in Cyber Startups Surges 35%
Although there was no further insight into exactly what information was taken, the firm has previously said that it could include “fund, management company, and portfolio company information, banking and tax information, and certain personal information of our current and former employees, as well as information related to our limited partners.”
As such, Insight Partners warned those impacted about possible identity theft attempts.
According to the notice on the website of the Office of the Maine Attorney General, 12,657 individuals had personal information taken in the raid.
Those affected are urged to take advantage of free identity theft protection services offered by the VC firm, change all enterprise and personal passwords, switch on multi-factor authentication (MFA) and consider freezing their credit reports.
VC Firms Are High-Risk Targets
Experts warned that VC firms hold highly sensitive information, besides personal data.
“These corporations have access to a massive pool of proprietary data, including banking details, company portfolios, and customer records,” argued Swimlane principal security solution architect, Joshua Roback.
Andrew Costis, engineering manager of the Adversary Research Team at AttackIQ, agreed.
“Ransomware attacks on VC organizations can leak information that is critical to not just the parent organizations, but the startups they’re supporting,” he said.
“Exposure of financial details, investment strategies and legal documents can upend businesses.”
Image credit: T. Schneider / Shutterstock.com