Chinese hackers allegedly broke into the network of an Ivanti subsidiary in 2021. The hackers exploited a backdoor in its VPN product, which allowed the hackers to gain access to 119 other unnamed organizations.

TechCrunch (TC) is a leading technology news and media site that covers the latest trends, startups, and innovations in the tech industry. With breaking news,  analysis, and expert commentary, TechCrunch provides  insights into the world of technology and entrepreneurship. Developers can learn about emerging technologies, funding opportunities, and market trends by following TechCrunch's coverage of the tech industry.

TechCrunch

Chinese state-sponsored hackers breached Pulse Secure's network in February 2021 by exploiting a secret backdoor planted in its VPN software, gaining access to 119 organizations including European and U.S. military contractors. Mandiant was aware of the breaches and alerted Ivanti. Bloomberg's reporting ties the security failures to cost-cutting and layoffs following Clearlake Capital Group's 2017 private equity acquisition of Ivanti, which eroded institutional security knowledge. The incident is part of a broader pattern: CISA ordered federal agencies to disconnect Ivanti VPNs in 2024, and additional critical flaws have been exploited since. Similar PE-driven security degradation is noted at Citrix.

VPN flaws allowed Chinese hackers to compromise dozens of Ivanti customers, says report

Save up to $300 or 30% to TechCrunch Founder Summit