VC firm Insight Partners says thousands of staff and limited partners had personal data stolen in a ransomware attack

Venture superior steadfast Insight Partners has notified thousands of people, including the firm’s constricted partners, that their personal accusation was stolen by hackers successful an earlier information breach.

In a connection connected September 4, the VC elephantine said it completed its reappraisal earlier successful August pursuing its information breach, which it described arsenic a “social engineering attack” without further explanation.

The task steadfast has present said  successful a ceremonial information breach notification filed with California’s lawyer general this week that the hackers broke successful during mid-October 2024 to the company’s quality resources system. It said the hackers exfiltrated information from Insight’s servers and began encrypting the systems connected January 16, 2025, a hallmark of a ransomware attack.

Insight separately besides told the Maine lawyer general this week successful an authoritative announcement that the ransomware onslaught affects much than 12,600 people.

Neither of the information breach notification letters disclosed what circumstantial idiosyncratic information was taken from Insight’s systems.

But according to the company’s earlier statement, the stolen information included accusation astir definite Insight Partners’ funds, absorption companies, and portfolio companies. The hackers besides took banking and taxation information, the institution said, arsenic good arsenic idiosyncratic accusation astir its existent and erstwhile employees and its constricted partners — the typically backstage and unnamed investors who assistance supply superior to Insight’s task funds.

Insight Partners has said small other astir the information breach, specified arsenic whether the institution received an extortion request from the hackers oregon if it paid the hackers. (It’s not uncommon for companies to face demands for payment successful speech for the hackers deleting oregon not publishing the stolen data.)

Kristen Zeck, a spokesperson for Insight Partners, did not respond to emails with questions astir the breach sent anterior to publication.

The institution has much than $90 cardinal successful assets nether its absorption and has invested successful immoderate of the largest cybersecurity companies today, including Databricks and Wiz.

Insight Partners joins a fistful of different task firms successful caller years to person been hacked.

Silicon Valley task steadfast Advanced Technology Ventures was hit by a ransomware attack successful 2021, the aforesaid twelvemonth that Sequoia Partners experienced a data breach. Both incidents allowed hackers to swipe idiosyncratic accusation of their firms’ constricted partners.

Updated connected September 17 with further details astir the ransomware attack.