Stock trading company Robinhood announced a data breach after their systems were compromised. A threat actor acquired access to the personal information of around 7 million consumers.
On November 3rd, a threat actor impersonated a customer service representative and leveraged social engineering to gain access to customer support systems.
Once inside the support systems, the threat actor obtained client information, including full names, email addresses, and, for a limited number of customers, dates of birth and zip codes.
According to a blog post about the security breach published today, an unauthorized party received a list of email addresses for around five million people and full names for another group of approximately two million people. According to the firm, no Social Security information, bank account numbers, or debit card details were disclosed as a result of the incident.
“An unauthorized third party obtained access to a limited amount of personal information for a portion of our customers. Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident.”
Robinhood received an extortion demand after learning about the incident and securing its systems. While Robinhood has not disclosed any information on the extortion demand, it was most likely a warning that the stolen data would be published unless a Bitcoin ransom was paid.
Robinhood states it is still looking into the issue with the support of Mandiant, a well-known cybersecurity company specializing in incident response following cyberattacks.
In 2019, after it was revealed that user passwords had been saved in plain text or human-readable format, Robinhood advised users to replace all of their passwords. While Robinhood detected no illegal access to these passwords, it is possible that workers were given access to clients’ credentials.