A major enterprise cash agency primarily based in California’s Silicon Valley has fallen target to a cyber-attack.
In accordance to Axios, Sequoia Capital contacted buyers on Friday, February 19, to inform them that their money details and private facts experienced been accessed by an unauthorized third party. The details breach occurred immediately after the email account belonging to an worker at the business was compromised in a phishing attack.
Sequoia Money is run from offices on Sand Hill Street in Menlo Park. Organizations that the firm has invested in incorporate Airbnb, DoorDash, 23andMe, GitHub, Google, Zoom, WhatsApp, YouTube, and Robinhood, and cybersecurity firms Carbon Black, Tessian, and FireEye.
The 49-yr-old agency reported legislation enforcement had been notified of the security breach and that IT professionals had been hired to look into what happened and restore cybersecurity to the firm.
“We not long ago seasoned a cybersecurity incident. Our security group responded instantly to examine, and we contacted regulation enforcement and engaged foremost outdoors cybersecurity specialists to enable remediate the issue and sustain the ongoing security of our systems,” stated a Sequoia spokesperson.
“We regret that this incident has transpired and have notified affected people. We have built significant investments in security and will continue to do so as we function to address constantly evolving cyber threats.”
Sequoia Capital, which Pitchbook information states has more than $38bn in property beneath administration, explained it had uncovered no evidence that any trader data compromised in the incident has been misused.
“Phishing attacks are a genuine risk for numerous corporations. On the other hand, not all phishing security incidents are equivalent and productive phishing attacks that compromise staff members with privileged access or obtain to privileged info can have a serious effect possibly from ransomware or info theft,” Joseph Carson, chief security scientist and advisory CISO at Thycotic explained to Infosecurity Magazine.
“The hottest information about Sequoia Capital reveals that privileged access continues to be a important problem for organizations and how critical it is to protect privileged access and accessibility to privileged data,” Carson claimed. “Privileged entry is no longer just about domain admins . . . [I]t is also critical to look at business buyers who have entry to sensitive info as privileged access.”
Some areas of this report are sourced from: