Robinhood, a stock trading and investing platform, experienced a data breach on the evening of 3 November. In a notification by the company, the attackers gained access to a limited amount of information for a part of the platform’s userbase.
Roughly five million people’s email addresses were accessed, and another two million users had their full names leaked to the intruder. Additional personal information such as name, date of birth and zip codes of roughly 310 customers was exposed, with even more information revealed of 10 of them.
The company is investigating the incident along with Mandiant, an external security firm. Robinhood maintains that no Social Security, bank account or debit card numbers were exposed, and no customers have had a financial loss. The company is working to notify the appropriate disclosures to affected people.
Data breach or ransomware attempt?
The attack was carried out by social engineering a customer support employee at the company and obtaining access to specific customer support systems.
After Robinhood was able to contain the intrusion, the intruders demanded payment to release information. It was at this point that the incident was reported to law enforcement.
According to Caleb Sima, Robinhood’s Chief Security Officer, “following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.” He also pointed out that “as a Safety First company, we owe it to our customers to be transparent and act with integrity.”
The following user data was leaked in the incident:
- Email addresses of approximately five million users.
- Real names of approximately two million users.
- Name, date of birth and zip code of about 310 users.
- Further personal information of roughly 10 users.
This is the company’s most significant cybersecurity incident to date, with the last scandal taking place in July 2019 when the company admitted to storing some users’ passwords in plaintext.
In the News: US power grid is under threat from drones