Robinhood Hack Compromises Millions of Customer Email Addresses

Someone not too long ago hacked and tried to extort Robinhood, the favored funding and buying and selling platform, getting access to tens of millions of consumers’ electronic mail addresses and full names within the course of.

The platform revealed the safety incident in a blog post revealed Monday, assuring customers that no one had misplaced any cash because of the incident.

“An unauthorized third party obtained access to a limited amount of personal information for a portion of our customers,” the corporate revealed, whereas emphasizing that the breach had since been contained and that there had been “no financial loss to any customers.”

The incident, which befell on Nov. 3, was apparently the results of a social engineering scheme that focused a buyer assist worker. The hacker satisfied the worker that they had been cleared to entry “certain customer support systems,” and subsequently gained entry to the e-mail addresses of roughly 5 million prospects and the complete names of roughly 2 million prospects, the corporate mentioned.

For a a lot smaller subset of consumers, the info breach was considerably extra invasive: “We also believe that for a more limited number of people—approximately 310 in total—additional personal information, including name, date of birth, and zip code, was exposed, with a subset of approximately 10 customers having more extensive account details revealed,” the corporate’s weblog submit says.

G/O Media could get a fee

All colours on sale at the moment
Gizmodo describes these premium headphones as “annoyingly incredible.” This is the lowest we’ve seen the Apple AirPods Max yet.

Afterward, the criminal attempted to extort the company with the information it had stolen.

When reached for comment, a Robinhood representative confirmed to Gizmodo that no “Social Security numbers, bank account information, or debit card numbers were exposed in the breach.”

“I can also confirm that we’ve reached out to the relevant authorities,” Robinhood corporate communicates manager Casey Becker said. “We do not have any additional information beyond the blog post to share at this time.”

Robinhood says it is also currently working with Mandiant, a leading cybersecurity firm, to further investigate the incident.

In its blog post, Robinhood has pointed prospects to its Account Security web page. While stolen electronic mail addresses and names could not appear that unhealthy, they’ll simply be weaponized by cybercriminals. Hackers typically try to pair such information factors with different private info that they’ll recuperate by way of open-source or illicit means—all within the hopes of doubtless compromising your private accounts.