SpyCloud Scores $21 Million in Round Led by Microsoft’s M12

Account takeover (ATO) prevention specialist SpyCloud has raised $21 million in funding in a round led by Microsoft’s venture fund, M12. And if there’s one phrase to describe how the company plans to spend the new capital, it’s “we’re hiring.”

SpyCloud announced in a blog post accompanying the funding announcement that it will be adding to its current security research, development, and sales and marketing teams. The Austin, Texas-based company also said it plans to expand to new markets around the globe.

“We are excited and optimistic about what this new round of funding will do for SpyCloud and the world at large,” the post read. “With this money, we are more confident than ever that as criminals scale their methods to collect and weaponize compromised passwords, SpyCloud will be able to go toe-to-toe with even the most sophisticated of them.”

Existing investors Silverton Partners and March Capital Partners also participated in the Series B round, which boosts SpyCloud’s total capital to more than $28 million.

Left to right: SpyCloud Chris LaConte (Head of Business Development) and Tedd Ross (CEO and co-founder) demonstrating the company’s Exposed Credential Monitoring and Alert Service at FinovateFall 2017.

SpyCloud differentiates its cybersecurity offering in a number of ways, such as featuring human experts at the center of its account takeover prevention capabilities rather than relying on an automated solution. The company deploys what it calls “multi-tiered, underground intelligence gathering techniques” to provide a critical additional step in finding stolen credentials before they are sold on the underground markets of the dark web.

The company’s 60 billion asset database of exposed credentials and personally identifiable information (PII) is also a major asset. Last year, SpyCloud recovered and analyzed 3.5 billion sets of online credentials from nearly 3,000 data breaches and other sources from the dark web – including 2.6 billion credential sets with a password. Adding to its development team, the company noted, would enable it to both enhance its password cracking capabilities, as well as add to its API integrations and Active Directory Protection for automated Windows domain protection.

“Passwords and their reuse across personal and work accounts are the leading cause of ATO, one of the most imminent threats to businesses of all sizes,” SpyCloud co-founder and CEO Ted Ross said. “As criminals use more complex, scalable methods to collect and weaponize compromised passwords, organizations need to take proactive measures to prevent, detect, and remediate exposures. SpyCloud meets that immediate need.”

Founded in 2016, SpyCloud demonstrated its Exposed Credential Monitoring and Alert Service at FinovateFall 2017 – winning Best of Show. Last spring, the company announced that it was partnering with fellow Finovate alum Credit Karma, just one month after announcing a $5 million Series A round led by Silverton Partners and March Capital Partners.

Finovate Alumni News

On Finovate.com

  • SpyCloud Scores $21 Million in Round Led by Microsoft’s M12.
  • Temenos Partners with Saudi Arabia’s Al Rajhi Bank.
  • Tymebank Goes Live with Core Banking Tech from Mambu.

Around the web

  • NICE Actimize partners with crypto finance company Circle to deploy its market surveillance technology.
  • Silvergate Bank to deploy Finastra’s Total Payments, leveraging the API-enabled solution to support payment processing.
  • Leading Vietnam-based consumer finance firm, FE Credit, chooses Vymo’s AI-powered personal sales assistant.
  • Bambu and CredoLab earn spots on Fintech News Singapore’s 29 Hottest Fintechs in Singapore 2019 roster.
  • GreatHorn announces capability to detect credential theft involving Microsoft Office 365 and Google G Suite.
  • Identitii joins the Banking Industry Architecture Network (BAIN).

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

Finovate Alumni News

On Finovate.com

  • Fiserv and InComm Partner for Cash Billpay.
  • Unison Raises $40 Million to Promote the American Dream.
  • Munnypot Picks Up Investment from Livingbridge.
  • Five Degrees and BillPro Launch New European Cross Border Banking Service.
  • The ROI of a Finovate Demo.

Around the web

  • Infosys Finacle partners with Santander UK to launch interbank cash management system.
  • Luxoft to use open source blockchain platform Corda from R3.
  • Texas Tech FCU to deploy hardware, software, and services from NCR as it overhauls its customer experience.
  • Fiserv makes its Prologue Credit Loss Manager and risk modeling tools available via the cloud.
  • PYMNTS.com features Best of Show-winning cybersecurity specialist, SpyCloud.
  • American Banker: U.K.’s Revolut teams with Russia’s Qiwi ahead of U.S. launch.
  • Bill.com surpasses $50 billion in business payments processed annually.
  • The Tech Tribune names nCino and Passport among the 10 best tech startups in North Carolina.

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

Credit Karma Partners with SpyCloud to Add Dark Web Data Monitoring

Not long ago, a poster at the Credit Karma Credit Advice forum wrote:

I’ve been seeing links to see if my personal data is on the “dark web.” Is this something Credit Karma can do?

Now we know the answer to that question is “yes.”

Credit Karma has expanded its identity theft monitoring offering to include data from the dark web. Courtesy of a partnership with fellow Finovate alum – and Best of Show winner – SpyCloud, Credit Karma will dramatically increase the number of data breaches it is able to review for its 80 million users. Currently searching 4.5 billion public breaches, the new service will boost the total number of data breaches searched to 13 billion.

Vice President of Data Products Anish Acharya explained to TechCrunch that the decision to offer the dark web data breach search service was important for its users, and that a “pervasive” problem like identity theft from data breaches required a “comprehensive” solution. Credit Karma users can access the dark web monitoring service via the app in the ID Monitoring option in the Settings menu. The service can be accessed online via the Resources tab at the company’s website.

Credit Karma’s move comes less than a year after the company introduced its free identity monitoring service. This service provides users with monitoring, notifications, and advice such as how to report fraud, freeze their credit, or change their passwords. It adds to the free credit monitoring and personalized financial recommendations that has been the Credit Karma’s stock in trade since the company provided its first free credit score in 2008.

“Over the last ten years, you’ve come to rely on us as we continue to look for ways to help you save money and stay on top of your financial identity, and we take that trust seriously,” Credit Karma Product Manager Adam Boender wrote on the company’s blog when the new service was announced last fall. “As part of our mission to be your financial assistant, it made a lot of sense for us to build and provide ID monitoring as data breaches have become more prevalent.”

Last month, Credit Karma announced a $500 million secondary investment from Silver Lake that boosted its valuation to $4 billion. Named to the Forbes Fintech 50 in February, Credit Karma began the year partnering with American Express to offer tax refund advances. Credit Karma is one of Finovate’s earliest alums, demonstrating its technology at FinovateStartup 2009. The company is headquartered in San Francisco, California, and was founded in 2007. Kenneth Lin is CEO.

Making its Finovate debut at FinovateFall 2017 – and earning a Best of Show award – SpyCloud protects businesses and their customers from account takeover (ATO) attacks – a form of cyberfraud that is increasingly common due to the widespread reuse of passwords. The company’s solution protects Windows accounts from takeover automatically and leverages its rich dataset to launch new fraud investigations of potentially exposed customer and employee accounts, including those compromised credentials being actively traded on the dark web.

Founded in 2016, Austin, Texas-based SpyCloud has recovered more than 32 billion breached assets and more than 500,000 C-level executive records. The company’s technology recovers six million credentials a day and more than 50 breached databases per week. Read our feature on SpyCloud from last fall, SpyCloud Spots Stolen Credentials with Deep Dives into the Dark Web.

SpyCloud Lands $5 Million in Funding

Security breach detection and account takeover prevention service SpyCloud recently brought home $5 million in funding. The Series A round comes courtesy of existing investors Silverton Partners and March Capital Partners. This brings the Austin-based company’s total funding to $7.5 million.

SpyCloud helps prevent account takeovers by proactively identifying exposed accounts as early as possible so that businesses can force password changes for vulnerable accounts before fraudsters take action. The company will use the new funds to fuel product development, conduct deeper security research, expand its database of assets, and grow its team.

The company was founded in 2016 and emerged from stealth mode a year later. Since that time, SpyCloud has compiled a database of 32 billion exposed accounts, leaked passwords, and pieces of personally identifiable information; it adds billions of new account data points every month. This data repository is available to service providers via an API to help prevent customer account takeover. SpyCloud has protected tens of millions of accounts for notable companies across a variety of industries, including finance, retail, and healthcare.

“There isn’t a company in the world that doesn’t run the constant risk of having its employee or customer accounts exposed, and that leads to a host of other issues,” said Ted Ross, CEO and co-founder of SpyCloud. “The only chance businesses stand against these increasingly-proficient criminals is to know as soon as possible which accounts have been exposed and to take preventative measures well before credentials make it onto the dark web.”

SpyCloud CEO and Co-Founder Ted Ross, along with Head of Business Development, Chris LaConte, gave a Best of Show-winning presentation at FinovateFall 2017. The company also has the honor of winning the NATO Communications and Information (NCI) Agency Defense Innovation Challenge. We published a profile on SpyCloud, along with an interview with Ross, last fall.

Finovate Alumni News

On Finovate.com

  • SpyCloud Lands $5 Million in Funding.
  • Finovate Alums Earn Spots on insideBIGDATA IMPACT 50 List.
  • The Faves of FinovateSpring: A Brief History of Best of Show Winners

Around the web

  • Benzinga reports: Tuition.io Helps Enterprises Tackle A $1.4 Trillion Crisis.
  • Speedway names InComm as Innovative Business Partner of the Year.
  • Revolut updates business accounts.
  • Bazaarvoice launches new solution to make personalization more powerful.

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

SpyCloud Spots Stolen Credentials with Deep Dives into the Dark Web

Of all the anxieties of cybersecurity, the spectre of your personal credentials sitting in some digital warehouse on the dark web is probably near the top of the list. Every breach we read about in the news, whether it is at a retail business, a financial institution or even a government agency, brings this fear back the fore.

SpyCloud, a cyber security firm out of Austin, Texas that won Best of Show in its Finovate debut last month, takes a unique approach to this problem. The company’s Exposed Credential Monitoring and Alert Service, on display at FinovateFall, enables both institutions and individuals to find out if their exposed credentials are being actively traded on the dark web.

Left to right: SpyCloud Head of Business Development Chris LaConte and CEO and Co-Founder Ted Ross demonstrating the SpyCloud Exposed Credential Monitoring and Alert Service.

SpyCloud’s current focus is on providing its technology to the enterprise, especially in the financial, technology, and healthcare sectors. These verticals have been repeatedly targeted by cybercriminals who use techniques such as “credential stuffing” – in which stolen account credentials are used to access user accounts in large-scale, automated login requests – to compromise employee and consumer accounts, alike.

SpyCloud’s solutions and services include:

  • Corporate Credential Exposure Notifications that provide matching historical breach exposure instantly and include SpyCloud’s monitoring of the underground for stolen assets.
  • ATO (Account Takeover) for Employees which provides an Active Directory monitor tool for a single device and automatically compares new stolen credentials to a list of active users.
  • ATO for Customers which integrates the SpyCloud API into the customer login to identify customers with exposed credentials

Additionally, SpyCloud’s technology helps identify users that have been exposed to credential-stealing malware, resetting accounts or initiating further security precautions. The company also provides support for investigators via data mining through tools such as Maltego.

With our focus on security this month, we thought SpyCloud’s innovative approach – including actually interacting with the dark web’s nefarious characters to learn more about their tactics and strategies – was worth learning more about. After speaking with Ted Ross, CEO of SpyCloud, during the week of FinovateFall 2017, we followed up with a few questions by e-mail. Here are our questions and his responses.

Finovate: You began your Best of Show-winning presentation with a question about how secure we believed our personal credentials to be? Why start the conversation about security at this point?

Ted Ross: I started with this question because credential theft is a problem that affects people on a personal level – not just at work. Those who do not work in the cybersecurity space, are not regularly thinking about how exposed their credentials may be. It’s not until large-scale breaches like Equifax, Yahoo, etc. that most people begin thinking about their PII being in the hands of the wrong people. Our job is to not only educate companies on their employee and customer exposure, but to proactively alert to prevent any repercussions that may come from compromised personal credentials.  

Finovate: We are seeing a lot of new responses to the challenge of cybersecurity. SpyCloud’s approach seems unique– How did you come up with the idea?

Ross: A few years ago, I noticed the increasing trend of 3rd party data breaches and realized how these credentials put unsuspecting organizations and individuals at risk. I also realized that there wasn’t an effective solution to stop this problem. Most solutions to address this problem were/are heuristic or behavior-based solutions. From experience, behavior-based technologies are prone to false positives.  There was a need for a solution that compares existing credentials to exposed credentials with “an exact match”. No false positives, no calls to the help desk and can gracefully snap into and improve behavior based solutions.

Finovate: What is “human intelligence tradecraft” and how does it help you “interact with the bad guys and capture the information they are stealing before they post it to public forums or paid sites”?

Ross: Human intelligence (HUMINT) tradecraft is essentially the techniques, tactics and procedures used by our research team to social engineer threat actors. We don’t share details of our tradecraft for operational security reasons. At a high level, the tradecraft is used to infiltrate and maintain connections to covert threat groups/actors. We make use of HUMINT to gain access to stolen information before it can be posted to a public forum or sold/traded on the underground. Our goal is to recover this information before it can be used against our customers.

Finovate: Just how bad is the problem of stolen credentials on “the underground” as you called it? Is the problem getting worse?

Ross: The problem is getting much worse. It’s easy to see how the problem has progressed over the last 5 years with our breach timelines. When customers add their domains, they can see the number of 3rd party breaches that contained credentials that map to their employees. They can see that between 2011-2014, they were impacted by one or two breaches a year. Now, we are finding 10 new breached databases (from private sources – you won’t read about these in the press) every working day! We find so many credentials that we typically ingest about 40 million new credentials every week (and this is after we scrubbed out the duplicates). At this point, we have credentials for just about every enterprise with a digital presence. 

Finovate: What about your background encouraged you to tackle this challenge, particularly as it related to cybersecurity in financial services?

Ross: Having built a threat sharing platform in a past role, I was able to experience the various threat feeds that are available today. Most of them revolve around Indicators of Compromise (IoCs).  Something that requires a trained cyber security professional to create and use. In parallel, companies are looking for solutions that are easy to understand, easy to operationalize, effective, and priced fairly.  We created SpyCloud to address these issues. Our solution helps global enterprises, large financial institutions as well as smaller organizations and individuals. We realized up front that if it helped individuals at a personal level, then the aggregate would be something that is important for financial organizations. In aggregate, we are in a strong position to protect any organization with an online presence (i.e., financials and retailers) from customer account takeovers.     

Finovate: What’s next for SpyCloud? What are the company’s plans over the balance of 2017 and heading into 2018?

Ross: We’ve experienced tremendous growth in 2017 and don’t see that slowing down. Our Q3 results exceeded expectations. Among our enterprise wins this year, we brought on four of the largest companies in the world (within their respective industries). Q4 looks to be even stronger than Q3 and our pipeline is growing at somewhat unbelievable rates. Going into 2018, we are hiring additional security researchers and developers. In 2018, we have a few new surprises for our customers – something that will significantly strengthen their security posture while maintaining our core tenants of easy to use, highly effective and priced to be disruptive.   

SpyCloud CEO and founder Ted Ross and Head of Business Development Chris LaConte demonstrating SpyCloud Exposed Credential Monitoring and Alert Service at FinovateFall 2017.

Finovate Alumni News

On Finovate.com

  • Check out a sneak peek of BeeOnPay’s FinovateAsia demo next week.
  • IBM Security Introduces New Solution to Help Banks Spot Fraudulent Accounts.
  • Modo Forms Fintech Partnerships to Engage Consumers at the Point of Sale.
  • SpyCloud Spots Stolen Credentials with Deep Dives into the Dark Web.
  • The Faves of FinovateAsia: A Brief History of Best of Show Winners.

Around the web

  • NetGuardians included in Chartis RiskTech 100 2018.
  • Compass Plus earns PA DSS v3.2 compliance.
  • ACI Worldwide now supports the European Payments Council (EPC) SEPA Instant rulebook standard ISO 20022 within its Universal Payments (UP) solutions portfolio.

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

Finovate Alumni News

On Finovate.com

  • National Bank of Canada Joins SecureKey’s Digital Identity Network.
  • P2Binvestor Launches Bank Partnership Program.
  • doxo Surpasses 30,000 Payable Billers on its Platform
  • Contextual Commerce Platform Omnyway Raises $12.75 Million in Series A.

Around the web

  • ConnectOne Bank ($4.7 billion in assets) to deploy nCino’s Bank Operating System.
  • ACI Worldwide partners with European clearing and settlement firm, STET, to bring real-time payment solution to PSPs.
  • FICO reports increased accuracy of its Enterprise Security Score when it comes to predicting data breaches.
  • Finastra moves its payments solution to the cloud via Microsoft Azure.
  • Trusted Knight partners with eTECH Channel.
  • CloudTrade and Taulia partner to enable businesses to transition to paperless invoicing.
  • iSignThis’ ISXPay initiates further Australian card acquiring/processing contracts.
  • BancPass announces license agreement with mobile tolling provider PayTollo.
  • EFL a finalist in the 2017 MIT Inclusive Innovation Challenge.
  • Datanami article on bot technology features insights from Narrative Science CEO Stuart Frankel.
  • MoneyMarketing highlights SpyCloud in a look at the safety of life and pensions company data.

This post will be updated throughout the day as news and developments emerge. You can also follow all the alumni news headlines on the Finovate Twitter account.

FinovateFall 2017 Best of Show Winners Announced

Join us in a hearty congratulations for the seven companies that earned not just the admiration of our FinovateFall 2017 attendees, but their votes for Best of Show, as well.

With more than 70 companies demonstrating their technologies live on stage over the course of two days, some diversity in theme and topic is to be expected. What is especially interesting about our Best of Show winners this time around is that, while numbering only seven, these innovators still reflect a wide variety of approaches toward solving some of the most vexing challenges in our financial lives. These are the technologies that we increasingly turn to for help when it comes to saving and investing for the future, working better and more efficiently with our banks and credit unions, and safeguarding our property, our financial transactions, and even our identities against fraudsters, hackers, and other malevolent actors.

So hats off to the Best of Show winners of FinovateFall 2017. From Finovate veterans that have been honored by our attendees with Best of Show trophies in the past to newcomers who made huge, positive impressions in their Finovate debuts this week, these are the companies that help define our industry and show us the direction of fintech innovation to come.

Envestnet | Yodlee for its Financial Health Check that leverages account and transaction-level data to measure and score overall financial health across multiple dimensions including spending, savings, borrowing, and planning.


Finn.ai for its Virtual Banking Assistant, powered by artificial intelligence and available via channels ranging from Facebook Messenger to Amazon Alexa, which makes everyday banking simple and easy for customers.


Jiffee for its tap & pay mobile technology that turns any device into a payment terminal, enabling consumers to pay anywhere and everywhere without relying on plastic credit and debit cards.


Sensibill for its +Pulse solution that helps spot revenue opportunities from on- and off-card purchase data, providing a targeted prospect list for personalized, in-app campaigns.


SpyCloud for its monitoring and alert service that helps organizations better understand their employee and customer digital footprints by giving them visibility into their exposed credentials actively being traded in the underground.


Sustainably for its social good platform for consumers and businesses that turns the spare change from shopping into micro-donations to philanthropic causes.


Voleo for its social trading app that makes it easy for people to invest together, saving time and money, while simultaneously leveraging the collective wisdom of networked investors to pursue market-beating returns.

We want to thank all of the companies that demonstrated their technologies live on stage this year for FinovateFall 2017. From AI, the blockchain, and chatbot technology to mortgagetech, payments, and voice-enabled banking, the breadth of solutions and services shown over the past two days of our conference bodes well for the future of fintech. And be sure to join us Wednesday morning at 9:15 a.m. as we host our first-ever roundtable discussion featuring representatives from each of our Best of Show winning companies.

Notes on methodology:
1. Only audience members NOT associated with demoing companies were eligible to vote. Finovate employees did not vote.
2. Attendees were encouraged to note their favorites during each day. At the end of the last demo, they chose their three favorites.
3. The exact written instructions given to attendees: “Please rate (the companies) on the basis of demo quality and potential impact of the innovation demoed.”
4. The seven companies appearing on the highest percentage of submitted ballots were named “Best of Show.”
5. Go here for a list of previous Best of Show winners through 2014. Best of Show winners from our 2015 and 2016 conferences are below:
FinovateEurope 2015
FinovateSpring 2015
FinovateFall 2015
FinovateEurope 2016
FinovateSpring 2016
FinovateFall 2016
FinovateAsia 2016
FinovateEurope 2017
FinovateSpring 2017