Venture capital giant IdeaLab confirms breach, says private data was stolen in attack

News
By published

Almost a year later, the company comes forward with more details

Code Skull
(Image credit: Shutterstock)
  • IdeaLab confirms it suffered a data breach, offers identity theft protection and credit monitoring
  • Recently-departed ransomware operators Hunters International took responsibility
  • The decryption key were recently published

Technology startup incubator IdeaLab has confirmed suffered a cyberattack in which it lost sensitive company files.

The organization confirmed the news after an extensive investigation that took almost a year, noting in a data breach notification letter sent earlier to affected individuals the attack most likely took place on October 4 2024, when cybercriminals accessed its network and stole sensitive information on current and former employees, current and former support service contractors, and their dependents.

We don’t know exactly how many people were affected by this attack, or what the nature of the data is. IdeaLab just said the attackers took people’s names, in combination with “variable data”.

Get 55% off Incogni's Data Removal service with code TECHRADAR

Get 55% off Incogni's Data Removal service with code TECHRADAR

Wipe your personal data off the internet with the Incogni data removal service. Stop identity thieves
and protect your privacy from unwanted spam and scam calls.

View Deal

Smuggling through

Still, it offers affected individuals complimentary identity theft protection services through IDX, which includes 24 months of credit and dark web monitoring, a $1 million identity fraud loss reimbursement policy, and fully managed identity theft recovery services.

At the same time, the media reported that a ransomware operation known as Hunters International took responsibility for the attack, adding the stolen data to its leak site, likely after a failed extortion attempt.

Allegedly, the leaked archive was 262.8 GB in size, and contained 137,000 files. Interestingly enough, earlier today Hunters International announced it was disbanding, apologized for the inconvenience caused, and shared decryption keys for all of its victims. It’s safe to assume IdeaLab is included in this list, as well.

The motive behind the shutdown remains in the domain of speculation, with multiple security outfits believing the group was simply rebranding in order to hide its tracks from law enforcement and cut ties with previous affiliates.

Researchers from Recorded Future, Group-IB, and many others, have pointed out that Hunters International recently launched a parallel operation called World Leaks, that does not deploy encryptors and just focuses on extortion.

Via BleepingComputer

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.