Search This Blog

Powered by Blogger.

Blog Archive

Labels

Personal Details of 7 Million Customers Exposed in Robinhood Data Breach

Five million had their email addresses accessed and two million had their full names exposed.

 

Robinhood is the latest online trading platform where threat actors are targeting users. On Nov. 8, the company announced that a data breach exposed the private details of more than 7 million of its customers. Out of them, five million had their email addresses accessed and two million had their full names exposed.

The company said in a news release, the hackers had not accessed any social security numbers, bank account numbers, or debit card information and no customers experienced “financial loss” from the data breach. 

“A malicious hacker had socially engineered a customer service representative over the phone on November 3 to get access to customer support systems. That allowed the hacker to obtain customer names and email addresses, but also the additional full names, dates of birth, and ZIP codes of 310 customers,” the company said in a blog post. 

Robinhood Chief Security Officer Caleb Sima revealed that the hacker threatened to publish the stolen data if the ransom was not paid. The company instead notified law enforcement and security firm Mandiant to investigate the breach. However, the company declined to share details as to whether the firm paid the culprit. 

“As a Safety-First company, we owe it to our customers to be transparent and act with integrity. Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do,” Caleb Sima stated. 

Robinhood said that 10 customers had “more extensive account details revealed.  According to security experts, it’s precisely that kind of information that malicious hackers feed on to facilitate further attacks against victims, like targeted phishing emails, since names and dates of birth can often be used to verify a person’s identity.

This isn't the first security incident Robinhood has faced in recent years. Last year, 2,000 accounts were compromised, and customers’ money was stolen. At the time, it came under fire because affected customers could not contact the company. It has since invested heavily in improving its customer service systems. 

How to protect yourself against threat actors

• Don't click on links in emails 
• Use unique and complex passwords 
• Use two-factor authentication (2FA) 
• Be suspicious of emails if they're pushing you to share your information
Share it:

Cyber Security

Data Leak

Private Details

User Privacy

User Security