When Hackers Police Their Own: The Epstein Purge

The 30-Year Tradition That Just Hit a Wall

Def Con has never been known for playing it safe. The world's largest hacking conference has always celebrated the rebellious spirit of cybersecurity professionals who think outside the box. But on Wednesday, the conference made an unprecedented move: it banned three prominent figures linked to Jeffrey Epstein from ever attending again.

The banned individuals—Pablos Holman, Vincenzo Iozzo, and Joichi Ito—all appear in the Department of Justice's latest release of Epstein investigation files. Their email exchanges with the convicted sex offender, as reported by Politico, became the smoking gun that sealed their fate.

The Heavy Hitters Who Fell

Vincenzo Iozzo represents the biggest name on the list. Currently CEO of identity startup SlashID, Iozzo was previously a director at CrowdStrike after the security giant acquired his cybersecurity startup IperLane in 2017. His interactions with Epstein spanned 2014 to 2018—crucially continuing even after the Miami Herald resurfaced allegations against Epstein.

Iozzo's spokesperson called Def Con's action "entirely performative," noting he'd "barely attended the conference in the past twenty years." But the damage extends beyond Def Con: cybersecurity conferences Black Hat and Code Blue have already scrubbed Iozzo from their official review boards.

Joichi Ito, former director of MIT Media Lab, resigned in 2019 after revelations that he maintained personal and financial relationships with Epstein despite knowing about his criminal history. Pablos Holman, general partner at venture capital firm Deep Future, had been in contact with Epstein since 2010 and even helped him suppress negative online coverage.

The Industry's Reckoning

This isn't just about three individuals—it's about an industry grappling with its own moral compass. Cybersecurity has always operated in gray areas, where the line between "white hat" and "black hat" hackers can blur. But when it comes to associating with convicted criminals, the community is drawing hard lines.

The timing is particularly significant. As cybersecurity becomes increasingly critical to national security and corporate survival, the industry faces growing scrutiny about who gets to shape its future. The $150 billion global cybersecurity market can't afford reputation risks.

Trust in an Untrustworthy World

For cybersecurity professionals, trust isn't just a nice-to-have—it's the foundation of everything they do. Companies entrust them with their most sensitive data. Governments rely on them to protect critical infrastructure. When that trust erodes, the entire ecosystem suffers.

The ban also raises questions about collective responsibility. Should entire conferences police the personal conduct of attendees? How far back should background checks go? And what happens when someone's technical expertise conflicts with their ethical lapses?