Sequoia Capital, an American venture capital firm, told its investors on Friday some of their personal and financial information may have been stolen by a third party.
Sequoia believes a hacker may have gotten unauthorized access to investor information after the company’s employee’s email had been phished.
The news came out on Friday, February 19, when Sequoia Capital told its investors their personal and financial information may have been accessed by a bad actor, as Axios, a popular security news outlet, reported the next day, on Saturday.
Data stolen in such breaches often pop up in places like online forums and dark web marketplaces. But since the attack, the company has been monitoring the dark web and didn’t see anyone trading the compromised data.
Describing investigations that followed the attack, Sequoia spokesperson revealed:
“Our security team responded promptly to investigate, and we contacted law enforcement and engaged leading outside cybersecurity experts to help remediate the issue.”
Sequoia promised its investors that it takes their security very seriously and pledged to ramp up and maintain the security of the company’s systems:
“We regret that this incident has occurred and have notified affected individuals. We have made considerable investments in security and will continue to do so as we work to address constantly evolving cyber threats.”
Sequoia is one of the largest venture capital firms in the world controlling about $1.4 trillion of combined stock market value and having invested in companies like Airbnb, DoorDash, Robinhood, FireEye, and Carbon Black. In 2013, CB Insights recognized Sequoia Capital as the number one venture capital firm.It is unlikely that the recent hack is connected to the suspected Chinese-backed Solarwinds attacks about which we reported about a week ago. Those attacks resulted in a large breach of FireEye and impacted numerous government agencies and large tech giants.