Venture capital giant Insight Partners has confirmed that a January ransomware attack compromised the personal data of more than 12,000 people, including employees, former staff, and the firm's usually-secretive limited partners.

The disclosure came in [1]a letter filed with Maine's Attorney General this week , marking the first time Insight has publicly acknowledged that the incident involved data-encrypting malware.

It previously described the breach only as a "sophisticated social engineering attack."

[2]

According to the filing, attackers gained access to servers used by the HR and finance teams on or around 25 October 2024. They quietly exfiltrated data before kicking off encryption at around on January 16, 2025 — the point at which Insight's IT team detected the intrusion and booted them out.

[3]

The data breach notification letter doesn't say what data the hackers managed to grab. However, [4]an earlier public statement from Insight said the stolen data included information about certain Insight funds, management companies, and portfolio companies, along with banking and tax records. Personal information relating to current and former employees and limited partners – the wealthy backers of Insight's venture funds – was also taken.

[5]Scattered Spider gang feigns retirement, breaks into bank instead

[6]Jaguar Land Rover supply chain workers must get Covid-style support, says union

[7]Senator blasts Microsoft for 'dangerous, insecure software' that helped pwn US hospitals

[8]Frostbyte10 bugs put thousands of refrigerators at major grocery chains at risk

Insight manages more than $90 billion in assets and backs a long list of tech and cybersecurity companies, including Twitter, Wiz, Hootsuite, SentinelOne, and Recorded Future. The VC giant says it has mailed notification letters to all affected individuals and is offering complimentary credit or identity monitoring services.

The company says it has also "implemented necessary security measures to re-secure affected systems and to prevent similar occurrences in the future", which included rebuilding affected systems, patching the misconfiguration that let the miscreants in, and beefing up internal defenses to stop it from happening again.

Which crew was behind the ransomware hit, what they demanded, or whether Insight coughed up any cash remains a mystery. Insight Partners did not respond to The Register 's questions.

Get our [9]Tech Resources



[1] https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/6e8d4d1e-a895-468d-bd52-cb59ce501364.html

[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aMwsmIZQk6iRcUzdhmdjqQAAAAI&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aMwsmIZQk6iRcUzdhmdjqQAAAAI&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[4] https://www.insightpartners.com/ideas/statement-from-insight-partners-on-cyber-incident/

[5] https://www.theregister.com/2025/09/17/scattered_spider_bank_attack/

[6] https://www.theregister.com/2025/09/15/covidstyle_furlough_schemes_for_jlr/

[7] https://www.theregister.com/2025/09/11/wyden_microsoft_insecure/

[8] https://www.theregister.com/2025/09/02/frostbyte10_copeland_controller_bugs/

[9] https://whitepapers.theregister.com/