- Silicon Valley VC firm Sequoia Capital told its investors Friday that it was hacked, according to an Axios report.
- The firm told its investors that some personal and financial information may have been accessed by a third party.
- A Sequoia employee was the victim of a successful phishing attempt, the firm said.
- Visit the Business section of Insider for more stories.
One of Silicon Valley’s oldest and most venerable VC firms was hacked.
Sequoia Capital told its investors on Friday that some personal and financial information may have been accessed by a third party after one of its employees fell victim to a successful phishing attack, according to a report in Axios Friday.
Sequoia told investors that it has not yet seen any indication that compromised information is being traded or otherwise exploited on the dark web, Axios reported.
A Sequoia spokesperson confirmed to Insider Saturday that it had “recently experienced a cybersecurity incident” that its security team was investigating. It had also notified law enforcement and was working with outside cybersecurity experts, the firm said.
“We regret that this incident has occurred and have notified affected individuals,” A Sequoia spokesperson told Insider. “We have made considerable investments in security and will continue to do so as we work to address constantly evolving cyber threats.”
Sequoia's investors are called limited partners, and typically include large financial institutions such as university endowments, private family wealth offices, or sovereign wealth funds, but rarely do firms share information about their investors publicly.
Sequoia Capital is one of Silicon Valley's oldest and most successful venture capital firms with more than $38 billion in assets under management, according to Pitchbook data. The 49-year-old venture capital firm has invested in companies such as Airbnb, DoorDash, and 23andMe. It has also invested in cybersecurity companies like FireEye and Carbon Black, according to its website.
It does not appear that the hack was connected to the Solarwinds attacks, which included a larger breach of FireEye and has impacted government agencies and large technology companies like Microsoft.