Robinhood Data Breach Exposes 7 Million Customers’ Information

Robinhood Data Breach Exposes 7 Million Customers’ Information

November 9, 2021

Robinhood confirmed on Sunday that its data security was breached in a recent cyber attack on November 3, resulting in the exposure of the personal details of millions of customers.

According to the trading platform, the attacker has obtained the emails of 5 million Robinhood customers and the full names of another 2 million customers. Additional personal information, including name, date of birth, and zip code, were also exposed for a small group of approximately 310 customers.

Furthermore, the platform could not protect ‘more extensive account details’ of another set of around ten customers.

The platform, however, stressed that none of the social security numbers, bank account numbers, or debit card numbers were exposed with no financial losses.

“We are in the process of making appropriate disclosures to affected people,” the announcement stated.

A Socially Engineered Attack

Robinhood detailed that the attack was partly socially engineered as the attacker disguised as a customer support employee to gain access to certain customer support systems. The attacker demanded an extortion amount from the trading platform after the intrusion was contained.

The platform has already reported the breach to law enforcement and is investigating the breach with third-party security firm Mandiant.

“As a Safety First company, we owe it to our customers to be transparent and act with integrity,” Robinhood’s Chief Security Officer, Caleb Sima said in a statement. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”

This, however, is not the first cyber security breach the platform had endured. Last year, nearly 2,000 brokerage accounts at Robinhood were compromised by an attack that gave hackers the ability to take over users’ trades and funds.

Meanwhile, a group of Robinhood traders is also seeking the court’s permission to open a class-action lawsuit against the company for abrupt trading outages that led to potential losses to the traders.

Source: Read Full Article