- Robinhood said Monday that it experienced a data breach impacting millions of customers.
- Hackers obtained customers’ emails and names, but no financial information, the company said.
- Robinhood said it’s working with security firm Mandiant and has contained the breach.
Trading app Robinhood said in a blog post Monday that millions of its customers’ personal information was exposed in a data breach last week.
“At this time, we understand that the unauthorized party obtained a list of email addresses for approximately five million people, and full names for a different group of approximately two million people,” the post said.
Robinhood also said that hackers also obtained “additional personal information, including name, date of birth, and zip code,” for 310 customers, and “more extensive account details” for 10 of those customers, and that the company is “in the process of making appropriate disclosures to affected people.”
“No social Security numbers, bank account numbers, or debit card numbers were exposed” and “there has been no financial loss to any customers as a result of the incident,” Robinhood said, based on its investigation.
The data breach occurred last Wednesday after hackers tricked a customer support employee by phone” into giving them access to “certain customer support systems,” according to the post.
The hackers then demanded a ransom payment, Robinhood said (the company did not respond to Insider’s questions about whether it paid – or plans to pay – the ransom).
Robinhood also said that it notified law enforcement and is working with outside security firm Mandiant to continue investigating the breach.
Robinhood has had cyber security troubles before, with hackers targeting its users last year, successfully gaining access to around 2,000 of its customers’ trading accounts.
Powered by WPeMatico