Cybersecurity Concerns

I was at the gym a couple of weeks ago when I looked up at one of the televisions to read that UnitedHealth was hacked and the company paid hackers a $22 million ransom. According to Reuters, "UnitedHealth blamed the hack on the "Blackcat" gang, a notorious ransomware group that has a history of disruptive attacks. In a message posted to, and then quickly deleted from their darknet site, the hackers said on Feb. 21 that they stole millions of sensitive records, including medical insurance and health data, from the company.' United Healthcare is my health insurance provider.

Literally a week later, I received a letter in the mail that AT&T had been hacked and customer information was released on the dark web. Per AT&T's website - "Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders."

I called a friend of mine, Garland Moore , a Solutions Architect at F5 Networks, and asked him what he thought about all these breaches. He said the challenge with detecting security breaches is that malicious code hackers use to steal information is buried so deeply into a company's database that many tech teams can't find it. Most large organizations create and store millions of terabytes of data every day. Going back through that data to find when and where the breach occurred can sometimes take years. For example, the Dominion National breach took nine years to detect!

Other security breaches:

MGM Grand - https://www.cnn.com/2023/10/05/business/mgm-100-million-hit-data-breach/index.html

UnitedHealth - https://www.reuters.com/technology/cybersecurity/hhs-opens-probe-into-hack-unitedhealth-unit-2024-03-13/

ATT - https://about.att.com/story/2024/addressing-data-set-released-on-dark-web.html

Dominion National - https://www.scmagazine.com/news/dominion-national-reaches-2m-settlement-over-nine-year-data-breach

Marriott - https://techcrunch.com/2022/07/06/marriott-breach-again/

Tech companies like Cribl make it easier and faster to sort through data to find security breaches. I'm not going to go into the details on "how" they do that, but if you're interested in reading about it a link to Cribl's whitepaper is HERE .

As I think about what this means for my firm and how we make investments, I'm forced to ask myself first how we think about data security as a firm, and second, how can we help our portfolio companies think about data security to ensure they're not compromised now or in the future.

Most early-stage companies use third-party providers like AWS, Azure, and Google Cloud to store and retrieve data. These services are relatively affordable and easy to use. However, as companies grow their data storage and access needs will change. As such, we seek to understand what a founder's current technology infrastructure looks like now and how they plan to ensure data integrity as they grow.

As the world becomes more and more digitized data security will continue to be a critical topic. Every industry and sector will be affected, so I'm bullish on companies building solutions to combat this ever-present problem.

Cheers,

KM