FreshRSS

🔒
❌ About FreshRSS
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

Facebook’s use of ad data triggers antitrust probes in UK and EU

By Natasha Lomas

Facebook is facing a fresh pair of antitrust probes in Europe.

The UK’s Competition and Markets Authority (CMA) and the EU’s Competition Commission both announced formal investigations into the social media giant’s operations today — with what’s likely to have been co-ordinated timing.

The competition regulators will scrutinize how Facebook uses data from advertising customers and users of its single sign-on tool — specifically looking at whether it uses this data as an unfair lever against competitors in markets such as classified ads.

The pair also said they will seek to work closely together as their independent investigations progress.

With the UK outside the European trading bloc (post-Brexit), the national competition watchdog has a freer rein to pursue investigations that may be similar to or overlap with antitrust probes the EU is also undertaking.

And the two Facebook investigations do appear similar on the surface — with both broadly focused on how Facebook uses advertising data. (Though outcomes could of course differ.)

The danger for Facebook, here, is that a higher dimension of scrutiny will be applied to its business as a result of dual regulatory action — with the opportunity for joint working and cross-referencing of its responses (not to mention a little investigative competition between the UK and the EU’s agencies).

The CMA said it’s looking at whether Facebook has gained an unfair advantage over competitors in providing services for online classified ads and online dating through how it gathers and uses certain data.

Specifically, the UK’s regulator said it’s concerned that Facebook might have gained an unfair advantage over competitors providing services for online classified ads and online dating.

Facebook plays in both spaces of course, via Facebook Marketplace and Facebook Dating respectively.

In a statement on its action, CMA CEO, Andrea Coscelli, said: “We intend to thoroughly investigate Facebook’s use of data to assess whether its business practices are giving it an unfair advantage in the online dating and classified ad sectors. Any such advantage can make it harder for competing firms to succeed, including new and smaller businesses, and may reduce customer choice.”

The European Commission’s investigation will — similarly — focus on whether Facebook violated the EU’s competition rules by using advertising data gathered from advertisers in order to compete with them in markets where it is active.

Although it only cites classified ads as its example of the neighbouring market of particular concern for its probe.

The EU’s probe has another element, though, as it said it’s also looking at whether Facebook ties its online classified ads service to its social network in breach of the bloc’s competition rules.

In a separate (national) action, Germany’s competition authority opened a similar probe into Facebook tying Oculus to use of a Facebook account at the end of last year. So Facebook now has multiple antitrust probes on its plate in Europe, adding to its woes from the massive states antitrust lawsuit filed against it on home turf also back in December 2020.

“When advertising their services on Facebook, companies, which also compete directly with Facebook, may provide it commercially valuable data. Facebook might then use this data in order to compete against the companies which provided it,” the Commission noted in a press release.

“This applies in particular to online classified ads providers, the platforms on which many European consumers buy and sell products. Online classified ads providers advertise their services on Facebook’s social network. At the same time, they compete with Facebook’s own online classified ads service, ‘Facebook Marketplace’.”

The Commission added that a preliminary investigation it already undertook has raised concerns Facebook is distorting the market for online classified ads services. It will now take an in-depth look in order to make a full judgement on whether the social media behemoth is breaking EU competition rules.

Commenting in a statement, EVP Margrethe Vestager, who also heads up competition policy for the bloc, added: “Facebook is used by almost 3 billion people on a monthly basis and almost 7 million firms advertise on Facebook in total. Facebook collects vast troves of data on the activities of users of its social network and beyond, enabling it to target specific customer groups. We will look in detail at whether this data gives Facebook an undue competitive advantage in particular on the online classified ads sector, where people buy and sell goods every day, and where Facebook also competes with companies from which it collects data. In today’s digital economy, data should not be used in ways that distort competition.”

Reached for comment on the latest European antitrust probes, Facebook sent us this statement:

“We are always developing new and better services to meet evolving demand from people who use Facebook. Marketplace and Dating offer people more choices and both products operate in a highly competitive environment with many large incumbents. We will continue to cooperate fully with the investigations to demonstrate that they are without merit.”

Up til now, Facebook has been a bit of a blind spot for the Commission’s competition authority — with multiple investigations and enforcements chalked up by the bloc against other tech giants, such as (most notably) Google and Amazon.

But Vestager’s Facebook ‘dry patch’ has now formally come to an end.

The CMA, meanwhile, is working on wider pro-competition regulatory reforms aimed squarely at tech giants like Facebook and Google under a UK plan to clip the wings of the adtech duopoly.

 

Amazon’s market power to be tested in Germany in push for “early action” over antitrust risks

By Natasha Lomas

Germany’s Federal Cartel Office (FCO) is seeking to make swift use of a new competition tool to target big tech — announcing today that it’s opened a proceeding against ecommerce giant Amazon.

If the FCO confirms that Amazon is of “paramount significance for competition across markets” — as defined by an amendment to the German Competition Act which came into force in January (aka, the GWB Digitalisation Act) — the authority will have greater powers to proactively impose conditions on how it can operate in order to control the risk of market abuse.

Section 19a of the GWB enables the FCO to intervene earlier, and the idea is more effectively, against the practices of large digital companies.

The provision gives the authority the power to prohibit digital giants from engaging in anti-competitive practices like self-preferencing; or using tying or bundling strategies intended to penetrate new markets “by way of non-performance based anti-competitive means”; or creating or raising barriers to market entry by processing data relevant for competition.

The FCO already has two other proceedings ongoing against Amazon — one looking at the extent to which Amazon is influencing the pricing of sellers on Amazon Marketplace by means of price control mechanisms and algorithms; and a second examining to agreements between Amazon and brand manufacturers to check whether exclusions placed on third-party sellers on Amazon Marketplace constitute a violation of competition rules — but a finding of “paramount significance” would enable the authority to “take early action against and prohibit possible anti-competitive practices by Amazon”, as it puts it.

Amazon has been contacted for comment on the FCO’s latest proceeding.

It’s the second such application by the Bundeskartellamt to determine whether it can apply the new law to a tech giant.

In January the authority sought to extend the scope of an existing abuse proceeding, opened against Facebook in December — related to Facebook tying Oculus use to Facebook accounts — saying it would look at whether the social media giant is subject to the GWB’s “paramount significance” rules, and whether, therefore, its linking of Oculus use to a Facebook account should be assessed on that basis.

Commenting on its latest move against Amazon in a statement, FCO president Andreas Mundt said: “In the past few years we have had to deal with Amazon on several occasions and also obtained far-reaching improvements for sellers on Amazon Marketplace. Two other proceedings are still ongoing. Parallel to these proceedings we are now also applying our extended competences in abuse control.”

“In this particular case we are first of all examining whether Amazon is of paramount significance for competition across markets. An ecosystem which extends across various markets and thus constitutes an almost unchallengeable position of economic power is particularly characteristic in this respect,” he added. “This could apply to Amazon with its online marketplaces and many other, above all digital offers. If we find that the company does have such a market position, we could take early action against and prohibit possible anti-competitive practices by Amazon.”

In January Mundt made stronger comments vis-a-vis Facebook — describing its social networking ecosystem as “particularly characteristic” of the bar set by the new digital law for proactive interventions, and adding that: “In view of Facebook’s strong market presence with the eponymous social network, WhatsApp and Instagram such a position may be deemed to exist.”

The FCO proceeding to confirm whether or not Facebook falls under the law remains ongoing. (It also has a pioneering case against Facebook’s ‘superprofiling’ of users that’s headed for Europe’s top court — which could result in an order to Facebook to stop combining EU users’ data without consent, if judges agreed with its approach linking privacy and competition.)

Zooming out, the Bundeskartellamt’s moves to acquire more proactive powers at the national level to tackle big tech foreshadow planned updates to pan-European Union competition law. And specifically the ex ante regime which is set to apply to so-called “digital gatekeepers” in future — under the Digital Markets Act (DMA).

The DMA will mean that Internet intermediaries with major market power must comply with behavioural ‘dos and don’ts’ set by Brussels, risking major penalties if they don’t play by the rules.

In recent years lawmakers across Europe have been looking at how to update competition powers so regulators can respond effectively to digital markets — which are prone to anti-competitive phenomena such as networking effects and tipping — while continuing to pursue antitrust investigations against big tech. (The Commission laid out a first set of charges against Amazon in November, for example, relating to its use of third party merchant data.)

The problem is the painstaking pace of competition investigations into digital business vs the blistering speed of these players (and the massive market power they’ve amassed) — hence the push to tool up with more proactive antitrust powers.

Earlier, EU lawmakers also toyed with the idea of a new competition tool for digital markets but quietly dropped the idea — going on propose their ex ante regime for gatekeeper platforms, under the DMA, at the end of last year. However the proposal is in the process of being debated by the other EU institutions under the bloc’s co-legislative approach — which means it’s still likely years away from being adopted and applied as pan-EU law.

That in turn means German’s FCO could have an outsized role in clipping big tech’s wings in the meanwhile.

In the UK, now outside the bloc — where it too may have an influential role in reforming regional competition rules to rebalance digital market power — the government is also working on a pro-competition regime aimed at big tech.

This year it set up a dedicated unit, the DMU, within the national Competition and Markets Authority which will be tasked with overseeing a regime that will apply to platforms which are identified as having “strategic market status” (akin to the German approach of “paramount significance for competition across markets”). And while the UK is taking a similar tack to the EU’s DMA, it has said the domestic regime will not sum to a single set of rules for all gatekeeper-style platforms — but rather there will be bespoke provisions per platform deemed to fall under the ex ante regulations.

 

Big Tech is now worth so much we’ve forgotten to be shocked by the numbers

By Alex Wilhelm

Welcome back to The TechCrunch Exchange, a weekly startups-and-markets newsletter. It’s broadly based on the daily column that appears on Extra Crunch, but free, and made for your weekend reading. If you want it in your inbox every Saturday morning, sign up hereReady? Let’s talk money, startups and spicy IPO rumors.

TechCrunch isn’t a public-market-focused publication. We care about startups. But public tech companies can, at times, provide interesting insights into how the broader technology market is performing. So we pay what we might call minimum-viable attention to former startups that made it all the way to an IPO.

Then there are the Big Tech companies. In the United States the list is well-known: Facebook, Alphabet, Microsoft, Apple and Amazon. And, in a series of results that could indicate a hot market for startup growth, they had a smashingly good first quarter of 2021. You can read our notes on their results here and here, but that’s just part of the story.

Yes, the Big Tech financial results were good — as they have been for some time — but lost amid the usual earnings deluge of numbers is how shockingly accretive Big Tech’s recent performances have proven for their valuations.

Microsoft fell as low as the $135 per-share range last March. Today it’s worth $252 and change. Alphabet traded down to around $1,070 per share. Today the search giant is worth $2,410 per share.

The result of the huge share-price appreciation is that Apple is now worth $2.21 trillion, Microsoft $1.88 trillion, Amazon $1.76 trillion, Alphabet $1.60 trillion and Facebook $0.93 trillion. That’s around $8.4 trillion for the five companies.

Back in July of 2017, I wrote a piece noting that their aggregate value had reached the $3 trillion mark. That became $4 trillion in mid-2018. And then in the next three years or so it more than doubled again.

Why?

Myles Udland, a reporter at our sister publication Yahoo Finance, has at least part of the puzzle in a piece he wrote this week. Here’s Udland:

And while it seems that almost every earnings story has sort of followed this same arc, data also confirms that this is not just our imagination: corporate earnings have never been this far out of line with expectations.

Data out of the team at Refinitiv published Thursday showed the rate at which companies were beating estimates and the magnitude by which they were beating expectations through Thursday morning’s results were the best on record.

So earnings are beating the street’s guesses more frequently, and at a higher differential, than ever? That makes recent stock-market appreciation less worrisome, I suppose. And it helps explain why startups have been able to raise so much capital lately in the United States, as they have in Europe, and why private-market investors are pouring so much capital into fintech startups. And it’s probably why Zomato is going public and why we’re still waiting for the Robinhood debut.

This is what a market feels like when the underlying businesses are firing on all cylinders, it appears. Just don’t forget that no business cycle is unending, and no boom is forever.

An insurtech interlude

Extending The Exchange’s recent reporting regarding fintech funding, and our roundup from last week of insurtech startup rounds, a few more notes on the latter startup niche, which can be broadly viewed as part of the larger financial technology world.

This time we’ll hear from Accel’s John Locke regarding his investments in The Zebra — which recently raised even more capital — and the insurtech space more broadly.

Asked why insurtech marketplaces like The Zebra have been able to raise so very much money in the last year, Locke said that it’s a mix of “insurance carriers […] finally embracing marketplaces and willing to design integrated consumer experiences with marketplaces,” along with more consumer “comparison shopping” and, finally, growth and revenue quality.

The Zebra, Locke said, is “still growing north of 100% at ~$120M+ revenue run-rate.” That means it can go public whenever it wants.

But on that matter, there has been some weakness in the stock market for some public insurtech companies. Is Locke worried about that? He’s neutral-to-positive, saying that his firm does not “think all the companies in the market will work but still thinks ‘insurtechs’ will take market share from incumbents over the next decade.” Fair enough.

And Accel is still considering more deals in the space, as are others. Locke said that the venture market for insurtech investments is “definitely more aggressive” this year than last.

Various and sundry

Closing today, a few notes on things that we didn’t get to that matter:

  • Productboard closed a $72 million Series C. First, that’s a huge round. Second, yes, Tiger did lead the deal. Third, the product management software company has around 4,000 customers today. That’s a lot. Add this company to your two-years-from-now IPO list.
  • Chinese bike-sharing startup Hello is going public in the United States. We are going to get back to this on Monday, but its F-1 filing is here. The company turned $926.3 million worth of 2020 revenues into $109.6 million in gross profit, and a net loss of $173.7 million in net losses. Yowza.
  • Darktrace went public this week. I know of it because it sponsors an F1 team that I adore, but it enters our world today as a recent U.K.-listed company. And after Deliveroo went kersplat, the resounding success of the Darktrace listing could make the U.K. a more attractive place to list than it was a week ago.
  • And, finally, drone delivery is, maybe, coming at last? U.K.-listed venture capital group Draper Esprit led the $25 million round into Manna, which wants to use unmanned drones in Ireland to deliver grub. “Manna sees a huge appetite for a greener, quieter, safer, and faster delivery service,” UKTN reports.

A long, weird week. Make sure to follow the second denizen of The Exchange’s writing team: Anna Heim. Okay! Chat next week!

Alex

Analytics as a service: Why more enterprises should consider outsourcing

By Ram Iyer
Joey Lei Contributor
Joey Lei is director of service management at Synoptek. With more than 14 years of experience in engineering and product management, Lei is responsible for the development and growth of the Synoptek service portfolio and solution development with strategic technology alliance partners.
Debbie Zelten Contributor
Debbie Zelten (SAFe(R) 4 Agilist, SAFe Scrum Master, CSM, LSSGB, PMI-ACP) is the director of application development and business intelligence at Synoptek. She has over 20 years of experience in implementing software and data analytics solutions for companies of all sizes.

With an increasing number of enterprise systems, growing teams, a rising proliferation of the web and multiple digital initiatives, companies of all sizes are creating loads of data every day. This data contains excellent business insights and immense opportunities, but it has become impossible for companies to derive actionable insights from this data consistently due to its sheer volume.

According to Verified Market Research, the analytics-as-a-service (AaaS) market is expected to grow to $101.29 billion by 2026. Organizations that have not started on their analytics journey or are spending scarce data engineer resources to resolve issues with analytics implementations are not identifying actionable data insights. Through AaaS, managed services providers (MSPs) can help organizations get started on their analytics journey immediately without extravagant capital investment.

MSPs can take ownership of the company’s immediate data analytics needs, resolve ongoing challenges and integrate new data sources to manage dashboard visualizations, reporting and predictive modeling — enabling companies to make data-driven decisions every day.

AaaS could come bundled with multiple business-intelligence-related services. Primarily, the service includes (1) services for data warehouses; (2) services for visualizations and reports; and (3) services for predictive analytics, artificial intelligence (AI) and machine learning (ML). When a company partners with an MSP for analytics as a service, organizations are able to tap into business intelligence easily, instantly and at a lower cost of ownership than doing it in-house. This empowers the enterprise to focus on delivering better customer experiences, be unencumbered with decision-making and build data-driven strategies.

Organizations that have not started on their analytics journey or are spending scarce data engineer resources to resolve issues with analytics implementations are not identifying actionable data insights.

In today’s world, where customers value experiences over transactions, AaaS helps businesses dig deeper into their psyche and tap insights to build long-term winning strategies. It also enables enterprises to forecast and predict business trends by looking at their data and allows employees at every level to make informed decisions.

The next tech hearing targets social media algorithms — and YouTube, for once

By Taylor Hatmaker

Another week, another big tech hearing in Congress. With a flurry of antitrust reform bills on the way, Democratic lawmakers are again bringing in some of the world’s most powerful tech companies for questioning.

In the next hearing, scheduled for Tuesday, April 27 at 10 AM ET, the Senate Judiciary’s subcommittee on privacy and technology will zero in on concerns about algorithmic amplification. Specifically, the hearing will explore how algorithms amplify dangerous content and shape user behavior on social platforms.

The subcommittee’s chair Sen. Chris Coons previously indicated that he would bring in tech CEOs, but Tuesday’s hearing will instead feature testimony from policy leads at Facebook, Twitter and YouTube.

The hearing might prove a unique opportunity to hold YouTube’s feet to the fire. In spite of being one of the biggest social networks in the world — one without much transparency about its regular failures to control extremism and misinformation — YouTube seldom winds up under the microscope with Congress. The company will be represented by Alexandra Veitch, YouTube’s regional director of public policy.

In past big tech hearings, Google CEO Sundar Pichai has generally appeared on behalf of YouTube’s parent company while YouTube’s chief executive Susan Wojcicki inexplicably escapes scrutiny. Google is a massive entity and concerns specific to YouTube and its policies generally get lost in the mix, with lawmakers usually going after Pichai for concerns around Google’s search and ads businesses.

In a stylistic repeat of last week’s adversarial app store hearing, which featured Apple as well as some of its critics, misinformation researcher Dr. Joan Donovan and ex-Googler and frequent big tech critic Tristan Harris will also testify Tuesday. That tension can create deeper questioning, providing outside expertise that can fill in some lapses in lawmakers’ technical knowledge.

Policy leads at these companies might not make the same flashy headlines, but given their intimate knowledge of the content choices these companies make every day, they do provide an opportunity for more substance. Tech CEOs like Mark Zuckerberg and Jack Dorsey have been dragged in to so many hearings at this point that they begin to run together, and the top executives generally reveal very little while sometimes playing dumb about the day-to-day decision making on their platforms. The subcommittee’s ranking member Ben Sasse (R-NE) emphasized that point, stating that the hearing would be a learning opportunity and not a “show hearing.”

Democrats have been sounding the alarm on algorithms for some time. While Republicans spent the latter half of the Trump administration hounding tech companies about posts they remove, Democrats instead focused on the violent content, extremism and sometimes deadly misinformation that gets left up and even boosted by the secretive algorithms tech companies rarely shed light on.

We haven’t seen much in the way of algorithmic transparency, but that could change. One narrowly targeted Section 230 reform bill in the House would strip that law’s protections from large companies when their algorithms amplify extremism or violate civil rights.

Twitter CEO Jack Dorsey has also hinted that a different approach might be on the horizon, suggesting that users could hand-pick their preferred algorithms in the future, possibly even selecting them from a kind of third-party marketplace. Needless to say, Facebook didn’t indicate any plans to give its own users more algorithmic control.

With any major changes to the way platforms decide who sees what likely a long ways off, expect to see lawmakers try to pry open some black boxes on Tuesday.

A software bug let malware bypass macOS’ security defenses

By Zack Whittaker

Apple has spent years reinforcing macOS with new security features to make it tougher for malware to break in. But a newly discovered vulnerability broke through most of macOS’ newer security protections with a double-click of a malicious app, a feat not meant to be allowed under Apple’s watch.

Worse, evidence shows a notorious family of Mac malware has already been exploiting this vulnerability for months before it was subsequently patched by Apple this week.

Over the years, Macs have adapted to catch the most common types of malware by putting technical obstacles in their way. macOS flags potentially malicious apps masquerading as documents that have been downloaded from the internet. And if macOS hasn’t reviewed the app — a process Apple calls notarization — or if it doesn’t recognize its developer, the app won’t be allowed to run without user intervention.

But security researcher Cedric Owens said the bug he found in mid-March bypasses those checks and allows a malicious app to run.

Owens told TechCrunch that the bug allowed him to build a potentially malicious app to look like a harmless document, which when opened bypasses macOS’ built-in defenses when opened.

“All the user would need to do is double click — and no macOS prompts or warnings are generated,” he told TechCrunch. Owens built a proof-of-concept app disguised as a harmless document that exploits the bug to launch the Calculator app, a way of demonstrating that the bug works without dropping malware. But a malicious attacker could exploit this vulnerability to remotely access a user’s sensitive data simply by tricking a victim into opening a spoofed document, he explained.

GIF showing a proof of concept app opening uninhibited on an unpatched macOS computer.

The proof-of-concept app disguised as a harmless document running on an unpatched macOS machine. (Image: supplied)

Fearing the potential for attackers to abuse this vulnerability, Owens reported the bug to Apple.

Apple told TechCrunch it fixed the bug in macOS 11.3. Apple also patched earlier macOS versions to prevent abuse, and pushed out updated rules to XProtect, macOS’ in-built anti-malware engine, to block malware from exploiting the vulnerability.

Owens asked Mac security researcher Patrick Wardle to investigate how — and why — the bug works. In a technical blog post today, Wardle explained that the vulnerability triggers due to a logic bug in macOS’ underlying code. The bug meant that macOS was misclassifying certain app bundles and skipping security checks, allowing Owens’ proof-of-concept app to run unimpeded.

In simple terms, macOS apps aren’t a single file but a bundle of different files that the app needs to work, including a property list file that tells the application where the files it depends on are located. But Owens found that taking out this property file and building the bundle with a particular structure could trick macOS into opening the bundle — and running the code inside — without triggering any warnings.

Wardle described the bug as rendering macOS’ security features as “wholly moot.” He confirmed that Apple’s security updates have fixed the bug. “The update will now result in the correct classification of applications as bundles and ensure that untrusted, unnotarized applications will (yet again) be blocked, and thus the user protected,” he told TechCrunch.

With knowledge of how the bug works, Wardle asked Mac security company Jamf to see if there was any evidence that the bug had been exploited prior to Owens’ discovery. Jamf detections lead Jaron Bradley confirmed that a sample of the Shlayer malware family exploiting the bug was captured in early January, several months prior to Owens’ discovery. Jamf also published a technical blog post about the malware.

“The malware we uncovered using this technique is an updated version of Shlayer, a family of malware that was first discovered in 2018. Shlayer is known to be one of the most abundant pieces of malware on macOS so we’ve developed a variety of detections for its many variants, and we closely track its evolution,” Bradley told TechCrunch. “One of our detections alerted us to this new variant, and upon closer inspection we discovered its use of this bypass to allow it to be installed without an end user prompt. Further analysis leads us to believe that the developers of the malware discovered the zero-day and adjusted their malware to use it, in early 2021.”

Shlayer is an adware that intercepts encrypted web traffic — including HTTPS-enabled sites — and injects its own ads, making fraudulent ad money for the operators.

“It’s often installed by tricking users into downloading fake application installers or updaters,” said Bradley. “The version of Shlayer that uses this technique does so to evade built-in malware scanning, and to launch without additional ‘Are you sure’ prompts to the user,” he said.

“The most interesting thing about this variant is that the author has taken an old version of it and modified it slightly in order to bypass security features on macOS,” said Bradley.

Wardle has also published a Python script that will help users detect any past exploitation.

It’s not the first time Shlayer has evaded macOS’ defenses. Last year, Wardle working with security researcher Peter Dantini found a sample of Shlayer that had been accidentally notarized by Apple, a process where developers submit their apps to Apple for security checks so the apps can run on millions of Macs unhindered.

Alleged records of 20 million BigBasket users published online

By Manish Singh

An alleged database of about 20 million BigBasket users has leaked on a well-known cybercrime forum, months after the Indian grocery delivery startup confirmed it had faced a data breach.

The database includes users’ email address, phone number, address, scrambled password, date of birth, and scores of interactions they had with the service. TechCrunch confirmed details of some customers listed in the database — including those of the author.

BigBasket co-founders did not respond to texts requesting comment.

Infamous threat actor "ShinyHunters" just leaked the database of "BigBasket, a famous Indian 🇮🇳 online grocery delivery service. (@bigbasket_com)

20,000,000+ clients affected and information such as emails, names, hashed passwords, birthdates and phone numbers were leaked. pic.twitter.com/tD5TMxNkH7

— Alon Gal (Under the Breach) (@UnderTheBreach) April 25, 2021

The startup confirmed in November last year that it had suffered a data breach after reports emerged that hackers had siphoned off information of 20 million customers from the platform.

TechCrunch has asked one BigBasket co-founder whether the startup ever disclosed the data breach to customers.

A hacker who goes by the name ShinyHunters published the alleged BigBasket database — and made it available for anyone to download — on a popular cybercrime forum over the weekend. In newer posts on the forum, several threat actors claimed that they had decoded the hashed passwords and were selling it. ShinyHunters didn’t immediately respond to a text requesting comment.

The incident comes weeks after Indian conglomerate Tata Group agreed to acquire BigBasket, valuing the Indian startup at over $1.8 billion. The acquisition proposal is currently awaiting approval by the Indian regulator.

With $30M extension, BigID boosts Series D to $100M at $1.25B valuation

By Ron Miller

When we last heard from BigID at the end of 2020, the company was announcing a $70 million Series D at a $1 billion valuation. Today, it announced a $30 million extension on that deal valuing the company at $1.25 billion just 4 months later.

This chunk of money comes from private equity firm Advent International, and brings the total raised to over $200 million across 4 rounds, according to the company. The late stage startup is attracting all of this capital by building a security and privacy platform. When I spoke to CEO Dimitri Sirota in September 2019 at the time of the $50 million Series C, he described the company’s direction this way:

“We’ve separated the product into some constituent parts. While it’s still sold as a broad-based [privacy and security] solution, it’s much more of a platform now in the sense that there’s a core set of capabilities that we heard over and over that customers want.”

Sirota says he has been putting the money to work, and as the economy improves he is seeing more traction for the product set. “Since December, we’ve added employees as we’ve seen broader economic recovery and increased demand. In tandem, we have been busy building a whole host of new products and offerings that we will announce over the coming weeks that will be transformational for BigID,” he said.

He also said that as with previous rounds, he didn’t go looking for the additional money, but decided to take advantage of the new funds at a higher valuation with a firm that he believes can add value overall. What’s more, the funds should allow the company to expand in ways it might have held off on.

“It was important to us that this wouldn’t be a distraction and that we could balance any funding without the need to over-capitalize, which is becoming a bigger issue in today’s environment. In the end, we took what we thought could bring forward some additional product modules and add a sales team focused on smaller commercial accounts,” Sirota said.

Ashwin Krishnan, a principal on Advent’s technology team in New York says that BigID was clearly aligned with two trends his firm has been following. That includes the explosion of data being collected and the increasing focus on managing and securing that data with the goal of ultimately using it to make better decisions.

“When we met with Dimitri and the BigID team, we immediately knew we had found a company with a powerful platform that solves the most challenging problem at the center of these trends and the data question,”Krishnan said.

Past investors in the company include Boldstart Ventures, Bessemer Venture Partners and Tiger Global. Strategic investors include Comcast Ventures, Salesforce Ventures and SAP.io.

Bigeye (formerly Toro) scores $17M Series A to automate data quality monitoring

By Ron Miller

As companies create machine learning models, the operations team needs to ensure the data used for the model is of sufficient quality, a process that can be time consuming. Bigeye (formerly Toro), an early stage startup is helping by automating data quality.

Today the company announced a $17 million Series A led Sequoia Capital with participation from existing investor Costanoa Ventures. That brings the total raised to $21 million with the $4 million seed, the startup raised last May.

When we spoke to Bigeye CEO and co-founder Kyle Kirwan last May, he said the seed round was going to be focussed on hiring a team — they are 11 now — and building more automation into the product, and he says they have achieved that goal.

“The product can now automatically tell users what data quality metrics they should collect from their data, so they can point us at a table in Snowflake or Amazon Redshift or whatever and we can analyze that table and recommend the metrics that they should collect from it to monitor the data quality — and we also automated the alerting,” Kirwan explained.

He says that the company is focusing on data operations issues when it comes to inputs to the model such as the table isn’t updating when it’s supposed to, it’s missing rows or there are duplicate entries. They can automate alerts to those kinds of issues and speed up the process of getting model data ready for training and production.

Bogomil Balkansky, the partner at Sequoia who is leading today’s investment sees the company attacking an important part of the machine learning pipeline. “Having spearheaded the data quality team at Uber, Kyle and Egor have a clear vision to provide always-on insight into the quality of data to all businesses,” Balkansky said in a statement.

As the founding team begins building the company, Kirwan says that building a diverse team is a key goal for them and something they are keenly aware of.

“It’s easy to hire a lot of other people that fit a certain mold, and we want to be really careful that we’re doing the extra work to [understand that just because] it’s easy to source people within our network, we need to push and make sure that we’re hiring a team that has different backgrounds and different viewpoints and different types of people on it because that’s how we’re going to build the strongest team,” he said.

Bigeye offers on prem and SaaS solutions, and while it’s working with paying customers like Instacart, Crux Informatics, and Lambda School, the product won’t be generally available until later in the year.

❌