Venture capital firm Insight Partners has announced that it will notify an unspecified number of individuals that their personal information was stolen during a cyberattack in January. The firm confirmed in an updated statement that it will alert affected parties on a rolling basis, starting "in the next few days."

The stolen data includes personal information about Insight Partners' current and former employees, as well as information relating to its limited partners – the investors who provide capital to Insight's venture funds but whose names are typically kept private. Additionally, the breached data includes information about certain funds, management companies, and portfolio companies, including sensitive banking and tax information.

This is the first time Insight Partners has acknowledged that data was exfiltrated during the January cyberattack. The company previously attributed the hack to an "sophisticated" social engineering attack, but has not yet provided evidence to support this claim. The specific nature of the attack remains unclear, and a spokesperson for Insight Partners did not immediately return a request for comment.

Insight Partners is one of the largest tech startup investors in the world, with over $90 billion in regulated assets under management. The firm has helped fund several cybersecurity giants, including Wiz and Armis, making the breach particularly ironic. The incident highlights the vulnerability of even the most prominent players in the tech industry to cyber threats.

This is not the first time a venture capital firm has fallen victim to a cyberattack. In 2021, Silicon Valley venture firm Advanced Technology Ventures was hit by a ransomware attack that allowed criminals to steal data on the firm's limited partners. The incident serves as a reminder of the importance of robust cybersecurity measures, particularly for organizations that handle sensitive information.

The breach also raises concerns about the potential consequences for Insight Partners' portfolio companies and investors. The stolen data could be used for malicious purposes, such as identity theft or financial fraud. The firm's notification process will likely be closely watched, as affected individuals seek answers about the scope of the breach and the measures being taken to prevent future incidents.

In the wake of the breach, Insight Partners will need to take swift and transparent action to regain the trust of its stakeholders. This includes providing clear guidance on the notification process, as well as implementing additional security measures to prevent similar incidents in the future. As the tech industry continues to grapple with the challenges of cybersecurity, the Insight Partners breach serves as a stark reminder of the importance of vigilance and proactive security measures.