Zack Whittaker

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at

The Latest from Zack Whittaker

US Patent and Trademark Office notifies filers of years-long data leak

The federal government agency responsible for granting patents and trademarks has confirmed it inadvertently exposed about 61,000 filers’ private addresses in a years-long data spill. The U.S. P

LetMeSpy, a phone tracking app spying on thousands, says it was hacked

A hacker has stolen the messages, call logs and locations intercepted by a widely used phone monitoring app called LetMeSpy, according to the company that makes the spyware. The phone monitoring app,

Hacker responsible for 2020 Twitter breach sentenced to prison

Three years after one of the most visible hacks in recent history played out in real-time in front of millions of Twitter users, one of the hackers responsible for the breach will now serve time in fe

Feds seize notorious and shuttered hacking site BreachForums

Three months after arresting its administrator, U.S. federal authorities have seized the domain of notorious hacking site BreachForums. For a time, the forum was the go-to community for English-speaki

TechCrunch Disrupt’s Security Stage highlights the risks of spyware, government surveillance

Governments all over the world, authoritarian and democratic, use spyware to hack the phones of activists, journalists, and political rivals who are critical of their governments. Initially, the spywa

A simple bug exposed access to thousands of smart security alarm systems

U.S. power and electronics giant Eaton has fixed a security vulnerability that allowed a security researcher to remotely access thousands of smart security alarm systems. Security researcher Vangelis

Mandiant says China-backed hackers exploited Barracuda zero-day to spy on governments

Security researchers at Mandiant say China-backed hackers are likely behind the mass-exploitation of a recently discovered security flaw in Barracuda Networks’ email security gear, which prompte

Announcing the Security Stage agenda at TechCrunch Disrupt

A few weeks ago we introduced you to the brand new Security Stage, our debut space dedicated to cybersecurity at TechCrunch Disrupt. Now, we’re ready to reveal what we have in store. We’ve

US intelligence confirms it buys Americans’ personal data

A newly declassified government report confirms for the first time that U.S. intelligence and spy agencies purchase vast amounts of commercially available information on Americans, including data from

Another huge US medical data breach confirmed after Fortra mass-hack

Hackers stole another half a million people’s personal and health information during a ransomware attack on a technology vendor earlier this year. Intellihartx, a Tennessee-based company that ha

Shell Recharge security lapse exposed EV drivers’ data

Oil giant Shell said it is investigating after a security researcher found an exposed internal database spilling the personal information of drivers who use the company’s electric vehicle chargi

Microsoft to pay $20M settlement for illegally collecting children’s personal data

Microsoft will pay $20 million to settle charges brought by the Federal Trade Commission accusing the tech giant of illegally collecting the personal information of children without their parents&#821

Amazon’s Ring to pay $5.8M after staff and contractors caught snooping on customer videos, FTC says

Ring, the Amazon-owned maker of video surveillance devices, will pay $5.8 million over claims brought by the Federal Trade Commission that Ring employees and contractors had broad and unrestricted acc

Toyota confirms another years-long data leak, this time exposing at least 260,000 car owners

Two weeks ago, Toyota said it exposed the data of more than two million customers to the internet for a decade. Today, the automotive giant said it recently discovered the data of another 260,000 car

A popular Android app began secretly spying on its users months after it was listed on Google Play

A cybersecurity firm says a popular Android screen recording app that racked up tens of thousands of downloads on Google’s app store subsequently began spying on its users, including by stealing

Popular Android TV boxes sold on Amazon are laced with malware

AllWinner and RockChip might not be household names, but the two China-based companies power several wildly popular Android TV boxes that are sold on Amazon. These Android-powered television set-top b

Telly, the ‘free’ smart TV with ads, has privacy policy red flags

Yesterday, we looked at a new hardware startup called Telly that’s giving away half a million of its new smart televisions for free. The catch is that the 55-inch smart television is fitted with

Brightly says SchoolDude data breach spilled 3 million user accounts

Software maker Brightly has confirmed that hackers stole close to three million SchoolDude user accounts in an April data breach. SchoolDude is a cloud-based work order management system, used primari

Toyota Japan exposed millions of vehicles’ location data for a decade

Toyota Japan has apologized after admitting to leaving millions of customers’ vehicle details on the public internet for a decade. The car maker said in a notice that it will notify about 2.15 m

Bishop Fox lays off employees days after throwing conference party

Cybersecurity firm Bishop Fox laid off around 50 employees — or 13% of its workforce — on Tuesday, the company told TechCrunch. The layoffs come just a few days after the company threw a party at
Load More