- Insight Partners confirms 12,657 people affected for the October 2024 ransomware attack
- The attackers exfiltrated and encrypted data; But no group has claimed responsibility
- The victims offered identity protection; No evidence of misuse of data was not reported so far
Months after suffering a cyber attack and confirming data theft, the Risk Capital firm Insight Partners has begun to notify the affected people.
The company has submitted a new report to the Office of the Attorney General of Maine, which also included a copy of the letter that was sent.
Insight Partners is a worldwide risk and private capital firm that invests high growth software and technology companies. In the letter, he said when the violation was seen, how long the attackers lived and what they did after extinguished the data.
How to stay safe
“Insight Partners research on the incident determined that, around October 25, 2024, a threat actor successfully used a sophisticated social engineering attack to obtain access to affected servers,” says the letter. “Once inside, the threat actor began to exfiltrate data from these servers, and starting at 10:00 am or around January 16, 2025, began to encrypt these servers.”
The letter does not establish who the threat actors are or what their demands were. From now on, no group has publicly assumed the responsibility of the attack.
In another part of the presentation, Insight Partners confirmed that exactly 12,657 people stole the confidential information, which included bank and fiscal information, personal information of current and previous employees, information related to limited partners, as well as fund information, management companies and portfolio company.
The company also said that all victims will be notified at the end of September 2025, and customers who are not notified by then did not have their compromised files.
Insight Partners was founded in 1995, based in New York City and offices in London, Tel Aviv and Palo Alto. As of April 2025, the firm manages approximately $ 90 billion in assets and has so far invested in more than 875 companies worldwide.
To stay safe, the company recommends that users register to obtain courtesy identity theft protection services, provided through Experian. They must also change all business and personal passwords, enable multifactor authentication (MFA) and consider placing a freezing in their credit reports.
At the time of publication, there was no evidence that the archives were abused in nature.
Through Bleepingcomputer
