Robinhood Hack Now Includes “Several Thousand” Phone Numbers

More than per week after in style funding and buying and selling platform Robinhood revealed that hackers had obtained entry to a “limited amount” of its prospects’ private info, the corporate has now said that a number of the stolen info included 1000’s of telephone numbers.

In a Tuesday blog update, Robinhood stated that the record obtained by the hackers—which contained e mail addresses for about 5 million individuals and full names for a unique group of roughly two million individuals—included “several thousand entries” with telephone numbers. Although the corporate didn’t reveal what number of telephone numbers have been on the record, Motherboard reported that it’s about 4,400.

Motherboard bought a replica of the stolen telephone numbers “from a source who presented themselves as a proxy for the hackers.” In an announcement to the outlet, Robinhood didn’t affirm whether or not the telephone numbers Motherboard had obtained have been genuine however did acknowledge that the stolen info included 1000’s of telephone numbers.

It additionally identified that it was analyzing different “text entries,” which presumably refers to buyer info, within the record.

“[T]he list also contains other text entries that we’re continuing to analyze,” Robinhood stated in its weblog replace. “We continue to believe that the list did not contain Social Security numbers, bank account numbers, or debit card numbers and that there has been no financial loss to any customers as a result of the incident. We’ll continue making appropriate disclosures to affected people.”

Gizmodo reached out to Robinhood on Wednesday and requested if it had any replace on whether or not delicate private info had been obtained by hackers and was pointed to the corporate’s weblog on the problem, which we included above.

The hack on Robinhood initially passed off on Nov. 3 and was carried out utilizing a social engineering scheme. The nefarious plan concerned the hackers convincing a buyer help worker over the telephone that they’d permission to entry “certain customer support systems.” This gave the hackers entry to roughly 5 million buyer e mail addresses and two million full names.

In addition, at the moment the corporate additionally stated that the hackers had obtained info together with identify, date of beginning, and zip code for 310 individuals. About 10 prospects had extra “extensive” account particulars revealed, though the corporate didn’t outline what info it included below “extensive.”

After acquiring buyer knowledge, the hackers demanded an extortion fee. Robinhood proceeded to get in contact with authorities and contract the safety agency Mandiant to assist it examine the incident.

Running off with stolen e mail addresses and names was already alarming since they can be utilized by cybercriminals to acquire much more knowledge about you and compromise your accounts. However, as Motherboard rightly factors out, telephone numbers are particularly dangerous to lose as a result of hackers can use them to trick the multi-factor authentication in your telephone or ship phishing messages out of your machine.

This is all only a reminder that we should always flip off our telephones, put them in a field, and by no means use the web once more. But that’s not going to occur, is it?