An anonymous Substack post published this week accuses compliance startup Delve of 'falsely' convincing 'hundreds of customers they were compliant' with privacy and security regulations, potentially exposing those customers to 'criminal liability under HIPAA and hefty fines under GDPR.' Delve is a Y Combinator-backed startup that last year announced raising a $32 million Series A at a $300 million valuation. (The round was led by Insight Partners.) On Friday, the startup attempted to refute the accusations on its blog, calling the Substack post 'misleading' and saying it 'contains a number of inaccurate claims.' The Substack post is credited to 'DeepDelver,' who described themselves as working at a (now former) Delve client. In response to emailed questions from TechCrunch, DeepDelver said that they and their collaborators 'chose to remain anonymous out of fear for retaliation by Delve.' In their post, DeepDelver recounted receiving an email in December claiming the startup had...
learn more
