Top VC firm is warning thousands their data may have been hacked - here's how to stay safe

News
By published

Insight Partners has started notifying affected individuals

Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
(Image credit: Shutterstock)
  • Insight Partners confirms 12,657 people affected by October 2024 ransomware attack
  • Attackers exfiltrated and encrypted data; but no group has claimed responsibility
  • Victims offered identity protection; no evidence of data misuse reported so far

Months after suffering a cyberattack and confirming data theft, venture capital firm Insight Partners has started notifying affected individuals.

The company has filed a new report with the Office of the Maine Attorney General, which also included a copy of the letter being sent out.

Insight Partners is a global venture capital and private equity firm that invests in high-growth software and technology companies. In the letter, it said when the breach was spotted, how long the attackers dwelled, and what they did after exfiltrating the data.

How to stay safe

“Insight Partners’ investigation into the incident determined that, on or around October 25, 2024, a threat actor successfully used a sophisticated social engineering attack to gain access to the affected servers,” the letter reads. “Once inside, the threat actor began exfiltrating data from these servers, and beginning at or around 10:00 a.m. EST on January 16, 2025, began encrypting these servers.”

The letter does not state who the threat actors are, or what their demands were. As of now, no group has publicly claimed responsibility for the attack.

Elsewhere in the filing, Insight Partners confirmed that exactly 12,657 people had their sensitive information stolen, which included banking and tax information, personal information of current and former employees, information related to limited partners, as well as fund, management company, and portfolio company information.

The company also said all victims will be notified by the end of September 2025, and customers who don’t get notified by then did not have their files compromised.

Insight Partners was founded in 1995, with headquarters in New York City, and offices in London, Tel Aviv, and Palo Alto. As of April 2025, the firm manages approximately $90 billion in assets and has, so far, invested in more than 875 companies globally.

To stay safe, the company recommends users sign up for complimentary identity theft protection services, provided through Experian. They should also change all enterprise and personal passwords, enable multi-factor authentication (MFA) and consider placing a freeze on their credit reports.

At press time, there was no evidence that the files were abused in the wild.

Via BleepingComputer

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.