The controversial compliance startup Delve has now parted ways with accelerator Y Combinator, following a string of allegations about misleading clients. According to the company's COO Selin Kocalar, 'YC and Delve have parted ways,' in a post on X.

These accusations stem from an anonymous Substack writer calling themselves ‘DeepDelver,’ who alleged that Delve misled customers by certifying them as compliant with privacy regulations despite failing to meet those requirements. DeepDelver also accused the company of using open-source tools improperly and passed off reports generated by a third party.

Despite these claims, both Kocalar and CEO Karun Kaushik have pushed back, declaring their intention to ‘set the record straight.’ They claim that evidence points to a malicious attack rather than a genuine whistleblower. In a recent blog post, they said: 'It appears that an attacker purchased Delve under false pretenses, maliciously exfiltrated data, including Delve’s internal company data, and used it to launch a coordinated smear campaign against us.'

Delve has also been grappling with another controversy, where malware was discovered in an open-source project developed by one of its clients, LiteLLM. In their latest blog post, they reiterated their stance that the claims are ‘a mix of fabricated claims, cherry-picked screenshots, and data taken out of context.’

The situation highlights the complex landscape startups face as they navigate rapid growth and regulatory compliance. While it appears Delve is taking steps to improve customer confidence, the implications for tech ethics remain a pressing issue.