Topics
former
AI
Amazon
Image Credits:Devin Coldewey / TechCrunch
Apps
Biotech & Health
Climate
Image Credits:Devin Coldewey / TechCrunch
Cloud Computing
DoC
Crypto
initiative
EVs
Fintech
fund raise
contrivance
Gaming
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
security measures
Social
quad
Startups
TikTok
Transportation
Venture
More from TechCrunch
Events
Startup Battlefield
StrictlyVC
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
U.S. repairable laptop maker Framework has confirmed that hackers accessed customer data after successfully phishing an employee at its accounting service provider .
In an e-mail commit to affected client , Framework said that an employee at Keating Consulting , its chief outside accountancy partner , fell dupe to a societal engine room attack that allowed malicious hackers to obtain client ’ personal information related to outstanding balances for Framework purchases .
The San Francisco - base Framework was founded in belated 2019 by former Apple and Oculus railroad engineer Nirav Patel . The company , which raised $ 18 million in Series A funding head by Oculus angel Spark Capital in 2022 , positions itself as a proponent of the right - to - reparation move , and its devices — such as itsFramework Laptop 16 — are designed to be promiscuous to fix with replaceable division .
“ On January 9th , at 4:27am PST , the assailant mail an email to the comptroller impersonating our chief operating officer asking for Accounts Receivable information pertaining to striking Balance for Framework leverage , ” Framework said in its notification , which the company has not yet shared publicly but wasposted by a customer on the party ’s forum .
The notification pronounce the accountant responded to this e-mail on January 11 , providing the aggressor with a spreadsheet containing client information , including full names , email addresses and balances owe . Framework order affected customers that hackers could utilise this stolen information to impersonate Framework to ask for payment information .
“ take note that this list was chiefly of a subset of assailable pre - order , but some completed past order with pending accounting syncs were also included in this tilt , ” Framework tell .
It ’s not yet known if any of Keating ’s other clients were also move . The Silicon Valley - based accounting system company , which primarily provides interim financial leaders and back - office livelihood to inauguration , has almost 300 clients , grant to its site . These let in online chemist’s shop GoodRx ( which wasrecentlyfined $ 1.5 million for sharing users ’ wellness data with Facebook and Google),computational chemistry platform Molecule.comandcorporate learning business Udemy .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
Keating has not yet reply to TechCrunch ’s question nor partake any information publically about its breach .
Framework said that in light of the incident at Keating , the company will require compulsory phishing and social engineering onset training for any of the party ’s employees who have access to Framework customers ’ info . “ We are additionally audit the trainings and standard operating procedures of all other accounting and finance consultants who currently or previously have had access to customer information , ” the computing machine Almighty add .
Framework added that it sent notifications to all touch client , but has not yet said how many of its client are affected . Framework did not immediately respond to TechCrunch ’s questions .
Do you have any more information about this incident ? you’re able to get hold of Carly Page firmly on Signal at +441536 853968 or by email atcarly.page@techcrunch.com . you’re able to alsocontact TechCrunch via SecureDrop .
