Eventually, there might be a year when cybercrime is eliminated, and tech companies celebrate endless success. This was not that year. As usual, 2023 was overwhelmed with data breaches, market mistakes, vulnerabilities, and overcorrections. Tech turkeys were everywhere. Many people (and startups) lost their shirts. The time has come to review the top tech turkeys of 2023.
Silicon Valley Bank
It all started with the Silicon Valley Bank (SVB) collapse. The major financial institution was the piggybank of the tech industry, funding startups and giants.
In early March, Silvergate, a smaller bank used mostly in the cryptocurrency industry, shut down its operations. That same afternoon, SVB announced a $1.25 billion common stock sale, sending alarm bells across the industry. The next day, SVB stock prices fell 60%, and venture capitalists started withdrawing their money. Over $42 billion was withdrawn in one day, the largest bank run in U.S. history. The bank had too much liquidity tied up in low-yield government bonds, which they were forced to sell at a loss.
Regulators took over the following day. A few days later, SVB’s UK arm was sold off to HSBC for £1, and within a week, they filed for bankruptcy. The sudden collapse sent the tech industry reeling, with investment opportunities disappearing overnight. Countless startups needed to pivot or change their forecasts, and the sector was ravaged. Anita Ramasastry, a law professor from the University of Washington and former bank regulator with the Federal Reserve, explains the collapse and notes it was the largest bank failure since 2008’s Washington Mutual closure.
As one of the most popular sites on the internet, Reddit has a complicated history with monetization and moderation. Both things collided in June 2023 as the company prepared for a major IPO. Reddit raised API prices significantly as the IPO neared, putting major third-party apps like Apollo out of business. Part of that decision was driven by news that OpenAI had scraped the social network for its learning models.
The user base was incensed, and a huge number of moderators (unpaid moderators) took their respective subreddits dark in protest. While the company would eventually “win” the standoff, with most communities coming back online, the event had a negative impact on Reddit’s reputation—quite important as you go public. The valuation target was $15 billion when Reddit originally started the process. The IPO still hasn’t happened and is now estimated at just $5.5 billion whenever the company does go public. Maybe don’t tick off your entire user base with a single decision.
The homepage of Darkbeam starts with the words “predict, prevent, and detect cyber threats…” Ironic, then, when it was announced that 3.8 billion records had been exposed due to a data breach. SecurityDiscovery had found the hole, and while Darkbeam quickly addressed the vulnerability, over 479 million credential pairs (email addresses and passwords) were exposed—among many other levels of personal identifiable information (PII).
The leak was apparently due to an unprotected Elasticsearch and Kibana data visualization interface. Now, a lot of this data was actually collected from previously known leaks, but Darkbeam had basically organized it for any bad actors. There were collections named “email 0-9” and “email A-F” with millions of login pairs.
At this point, you might already know the story of Zume. Robots that make and deliver pizza. What could go wrong? Turns out, just about everything. Founded in 2015, CEO Alex Garden raised hundreds of millions over the next few years from big capital funds like Softbank. It pivoted once to more general tech and AI for automated food trucks and then had to acquire Pivot, a plant-based packaging company, to get around massive regulatory obstacles.
By 2020 it went through a massive reorganization and downsizing, firing more than 500 employees. All of that, you know. But after some relatively quiet years, Zume finally closed its doors for good in 2023. After an eight-year fight and $445 million in venture funding, Zume had accomplished very little. It will go down as a prime example of overfunding and should be a cautionary tale for both startups and VCs. There likely won’t be another Zume for a while, thanks to the drastic shift in the funding landscape in our post-pandemic world.
It’s difficult to keep up with the MOVEit saga, as new breaches are reported every few days. The managed file transfer software had a massive vulnerability that led to endless cyberattacks and data breaches in 2023. The zero-day vulnerability was an SQLi-to-RCE flaw that enabled unauthenticated users to gain remote access to the MOVEit servers. The doors were basically wide open, waving in disguised files. This kind of flaw would be bad in any environment, but when the company is a file transfer solution for government agencies, highly regulated industries, and massive enterprises, it leads to a firestorm of blowback. More than 2,500 organizations have been confirmed so far. Some that were affected include:
• Government of Nova Scotia
• Ernst & Young
• British Airways
• Universities of Alaska, Colorado, Dayton, Delaware, Idaho, Illinois, Loyola, Missouri, Oklahoma, Rochester, Southern Illinois, Utah, Wake Forest, Washington State
• Warner Bros
• Deutsche Bank
• Siemens Energy
The list goes on and on. Russian hackers acquired the email addresses of 632,000 employees from the Departments of Justice and Defense. Every day, there seems to be another entry in the long tail of breaches, and it isn’t clear when it will end.
Honorable Mention: Threads
We’ll wait for final judgment on this one, but another potential turkey for 2023 appears to be the launch of Threads, meant to be Meta’s rival to X (Twitter). It was a wildfire in the first few days, with the company reporting more than 100 million users in less than five days.
But those numbers quickly came crashing back down, sitting around 10 million in August. The app suffered from some of the same things that doomed Clubhouse, another rocket ship social media platform that struggled to maintain its audience.
Threads was filled with brand managers and marketers looking to capitalize on the new hotness instead of genuinely engaged users. That made it a challenging sell, especially when there was already an established competitor with essentially the same product (though X has had its own problems this year). While it might look cooked, it may not be time to carve this turkey just yet, though. Threads has made some gains back and could still be a candidate for a rebound—especially if X decides to institute something like a mandatory subscription fee.