Lorenzo Franceschi-Bicchierai

Senior Reporter, Cybersecurity, TechCrunch

Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy. You can contact Lorenzo securely on Signal at +1 917 257 1382, on Keybase/Telegram @lorenzofb, or via email at lorenzo@techcrunch.com.

Lorenzo Franceschi-Bicchierai

Latest from Lorenzo Franceschi-Bicchierai

Badoo, Bumble, Grindr, happn, Hinge and Hily all had the same flaw that could have helped a malicious user identify the near-exact location of another user.

Bumble and Hinge allowed stalkers to pinpoint users’ locations down to 2 meters, researchers say

Featured Article

Hacked, leaked, exposed: Why you should never use stalkerware apps

Using stalkerware is creepy, unethical, potentially illegal, and puts your data and that of your loved ones in danger.

Hacked, leaked, exposed: Why you should never use stalkerware apps

Several people who received the CrowdStrike offer found that the gift card didn’t work, while others got an error saying the voucher had been canceled.

CrowdStrike offers a $10 apology gift card to say sorry for outage

Cybersecurity firm Dragos and Ukrainian authorities found a cyberattack targeting critical infrastructure in Lviv.

Hackers shut down heating in Ukrainian city with malware, researchers say

Here’s everything you need to know so far about the global outages caused by CrowdStrike’s buggy software update.

What we know about CrowdStrike’s update fail that’s causing global outages and travel chaos

Venture capital giant a16z fixed a security vulnerability in one of the firm’s websites after being warned by a security researcher.

Researcher finds flaw in a16z website that exposed some company data

A security researcher found that some traffic lights controllers are exposed on the internet and could be manipulated.

Hackers could create traffic jams thanks to flaw in traffic light controller, researcher says

This is a guide on how to check whether someone compromised your online accounts.

How to tell if your online accounts have been hacked

Featured Article

What the AT&T phone records data breach means for you

The giant U.S. telco lost the information of around 110 million customers. Here’s what you need to know.

What the AT&T phone records data breach means for you

Cybersecurity experts are criticizing Microsoft for data breach notification emails that are confusing customers.

Microsoft emails that warned customers of Russian hacks criticized for looking like spam and phishing

VPN makers report having received a notification from Apple that their apps have been removed from the App Store in Russia.

Apple removes VPN apps at request of Russian authorities, say app makers

HealthEquity said in an 8-K filing with the SEC that it detected “anomalous behavior by a personal use device belonging to a business partner.”

HealthEquity says data breach is an ‘isolated incident’

Roll20 said that on June 29 it had detected that a “bad actor” gained access to an account on the company’s administrative website for one hour.

Roll20, an online tabletop role-playing game platform, discloses data breach

Twilio says “threat actors were able to identify” phone numbers of people who use the two-factor app Authy.

Twilio says hackers identified cell phone numbers of two-factor app Authy users

The situation around a data breach that’s affected an ever-growing number of fintech companies has gotten even weirder. Evolve Bank & Trust announced last week that it was hacked and…

Newsletter writer covering Evolve Bank’s data breach says the bank sent him a cease and desist letter

Evolve, a popular financial institution for fintech startups, announced that a cyberattack affected “the data and personal information of some Evolve retail bank customers and financial technology partners’ customers.” 

Yieldstreet says some of its customers were affected by the Evolve Bank data breach

The news highlights that the fallout from the Evolve data breach on third-party companies — and their customers and users —  is still unclear.

Fintech company Wise says some customers affected by Evolve Bank data breach

The company “identified a security incident that involved bad actors targeting a limited number of HubSpot customers and attempting to gain unauthorized access to their accounts” on June 22.

HubSpot says it’s investigating customer account hacks

Fintech-friendly Evolve Bank disclosed a data breach, saying it may have impacted customers and partners.

Startups scramble to assess fallout from Evolve Bank data breach

Featured Article

Kaspersky resellers deride US government ban: ‘Complete bulls—t’

“It’s just a lot of time lost for nothing,” a U.S.-based Kaspersky reseller told TechCrunch, following the news of a US sales ban.

Kaspersky resellers deride US government ban: ‘Complete bulls—t’

Telegram’s founder Pavel Durov says his company only employs around 30 engineers. Security experts say that raises serious questions about the company’s cybersecurity.

Telegram says it has ‘about 30 engineers’; security experts say that’s a red flag

A hacker is advertising customer data allegedly stolen from the Australia-based live events and ticketing company TEG on a well-known hacking forum. On Thursday, a hacker put up for sale…

Hacker claims to have 30 million customer records from Australian ticket seller giant TEG

The U.S. government announced sanctions against 12 executives and senior leaders of the Russia-based cybersecurity giant Kaspersky. In a press release, the Department of the Treasury’s Office of Foreign Assets…

US government sanctions Kaspersky executives

U.S. officials imposed the “first of its kind” ban arguing that Kaspersky threatens U.S. national security because of its links to Russia.

US bans sale of Kaspersky software citing security risk from Russia 

A researcher has found a bug that allows anyone to impersonate Microsoft corporate email accounts, making phishing attempts look credible and more likely to trick their targets.  As of this…

Security bug allows anyone to spoof Microsoft employee emails

Since April, a hacker with a history of selling stolen data has claimed a data breach of billions of records — impacting at least 300 million people — from a…

The mystery of an alleged data broker’s data breach

Privacy watchdogs in the U.K. and Canada have launched a joint investigation into the data breach at 23andMe last year.  On Monday, the U.K,’s Information Commissioner’s Office (ICO) and the…

UK and Canada privacy watchdogs investigating 23andMe data breach

Featured Article

Bangladeshi police agents accused of selling citizens’ personal information on Telegram

Two senior police officials in Bangladesh are accused of collecting and selling citizens’ personal information to criminals on Telegram.

Bangladeshi police agents accused of selling citizens’ personal information on Telegram

Japanese crypto exchange DMM Bitcoin confirmed on Friday that it had been the victim of a hack resulting in the theft of 4,502.9 bitcoin, or about $305 million.  According to…

Hackers steal $305M from DMM Bitcoin crypto exchange

On Friday, Pal Kovacs was listening to the long-awaited new album from rock and metal giants Bring Me the Horizon when he noticed a strange sound at the end of…

Rock band’s hidden hacking-themed website gets hacked