Bleeping Computer reports:
New York-based venture capital and private equity firm Insight Partners has disclosed that its systems were breached in January following a social engineering attack.
The company manages over $90 billion in regulatory assets and has invested in over 800 software and technology startups and companies worldwide during its 30 years of activity.
In a statement released Tuesday, the firm said some of its information systems were breached on January 16 through “a sophisticated social engineering attack.”
Read more at Bleeping Computer.
On February 18, Insight Partners issued the following statement:
Trust is integral to everything we do at Insight Partners. Accordingly, we take data security extremely seriously. On January 16, 2025, Insight Partners detected that an unauthorized third-party accessed certain Insight information systems through a sophisticated social engineering attack.
As soon as this incident was detected, we moved quickly to contain, remediate, and start an investigation within a matter of hours. We notified stakeholders connected to Insight in January to alert them and encourage vigilance and tightened security protocols irrespective of having shared data compromised. We also notified law enforcement in relevant jurisdictions.
There is no evidence that the threat actor was present after January 16, 2025. Further, there has been no additional disruption to Insight’s operations as a result of the incident.
We are working diligently to determine the scope of the incident with the support of third-party cybersecurity experts, a leading forensic and eDiscovery expert, and external legal counsel which, as shared with stakeholders, will take several weeks. We don’t believe, based on what is known, there will be any material impact on portfolio companies, Insight funds or other stakeholders. Insight will update any impacted individuals once information becomes available during our investigation.
