The surrounding controversy Delve It seems the compatibility startup’s affiliation with accelerator Y Combinator has come at a cost.
Delve is no longer listed among YC’s portfolio companies and Delve page seems to have been removed from the YC site. In addition, Selin Kocalar, COO of the startup Posted in X “YC and Delve have parted ways.”
“I still remember the day we got our YC interview at MIT,” Kocalar said. “We’re so grateful to the community and every founding friend we’ve made.”
YC isn’t the first investor to walk away from Delve. Insight Partners also appears to have deleted posts about his investment in the companyalthough his main blog post was later reinstated.
Meanwhile, Delve continues to retreat Anonymous claims to be defrauding customers Telling them they comply with privacy and security regulations, they skip the allegedly important requirements and auto-generated reports for “rubber-stamp reporting certification mills”.
These allegations were published for the first time anonymous Substack post attributed to “DeepDelver,” who describe themselves as former Delve customers who became suspicious after receiving leaked data about the startup’s customers.
DeepDelver posted a follow-up post sharing what he had to say Slack and video posts from the company as well accuses Delve of passing off an open source tool as its ownwithout credit or agreement with the developer. A security researcher said it could too access to sensitive Delve data.
Techcrunch event
San Francisco, CA
|
October 13-15, 2026
Delve happened in the meantime is part of the related debate When the malware was discovered in an open source project developed by Delve client LiteLLM.
In the company’s latest blog postDelve COO Kocalar and CEO Karun Kaushik stated that they intend to “break the record for anonymous attacks”. Among other things, they claimed the company had hired a cybersecurity firm “to help us figure out what happened,” and said “the evidence points to a malicious attack rather than a genuine whistleblower.”
“It appears that the attacker purchased Delve under false pretenses, maliciously scrapped data, including Delve’s internal company data, and used it to launch a coordinated smear campaign against us,” they said. The blog post also includes a screenshot of what it says “shows an attacker hacking our audit trail table. file.io.”
In addition to this accusation, Delve also described the criticism of DeepDelver as “a mixture of fabricated claims, cherry-picked screenshots and information taken out of context”. DeepDelver, for example, “defies our AI by admitting to automating 70% of security queries,” they said.
As for using open source tools, Delve says it “builds on the Apache 2.0 open source repository, which explicitly allows commercial use, and has significantly refactored it for compatibility use cases.”
However, executives also said they are taking steps to ensure customers “feel confident in our platform and compliance results.”
Those steps include purging the company’s network to remove audit firms that supposedly “don’t meet our standards,” “offering free re-audits and penetration tests to all active clients,” and “making it clear” that Delve’s templates for things like board meeting minutes are “only intended to be a starting point.”
In Writing in XKaushik made many of the same points, but also said, “(W)e have grown too fast and fallen short of our standard. We deeply apologize for the inconvenience caused to our customers.”
TechCrunch reached out to Y Combinator and DeepDelver for any response to Delve’s comments.
