Venture capital firm Insight Partners has disclosed a data breach that exposed sensitive information about its funds, management companies, portfolio companies, and limited partners.
Why it matters: The incident highlights the growing trend of cyberattacks targeting venture capital firms, despite their financial power and access to cutting-edge cybersecurity investments.
The details:
- Insight Partners described the breach as a “social engineering attack” that occurred in January 2025.
- The stolen data included banking and tax information, personal details of current and former employees, and information about limited partners and investors.
- The firm completed its internal review in August and has since notified affected individuals.
- Insight Partners has not disclosed the number of individuals affected or whether it received or paid any extortion demands.
Insight Partners, which manages over $90 billion in assets, has invested in major tech and cybersecurity companies such as Databricks and Wiz.
The reaction: The firm’s limited disclosure has raised concerns in financial and cybersecurity circles, as limited partners in venture firms usually value discretion and confidentiality.
The background: In recent years, several venture capital firms have been targeted by hackers, including Advanced Technology Ventures, which suffered a ransomware attack in 2021, and Sequoia Capital, which reported a data breach exposing investor information the same year.
The bottomline: The pattern of cyberattacks on venture capital firms underscores the fact that these companies remain attractive targets due to the sensitive data they hold on high-net-worth individuals and institutional investors, despite their investments in cutting-edge cybersecurity.
