There’s been another massive data breach, and this time it’s affecting Robinhood and millions of its users. In total, approximately seven million users were part of this hack, so if you’re an investor with Robinhood, there’s a good chance you were among them.
The actual incident took place on November 3, 2021, and was first reported by the company on November 8, 2021. Robinhood said that hackers “obtained access to a limited amount of personal information.”
Apparently, the person tricked a customer support employee into giving them access to the company’s customer support system, which is how they were able to obtain the personal information for so many Robinhood users.
In total, the malicious individual was able to get a list of email addresses for about five million people and full names for a group of around two million people, bringing the total affected to the previously mentioned seven million. A small number of people, about 310, had their names, dates of birth, and zip codes taken. An even smaller subset of 10 customers had more extensive account details revealed. Robinhood says it is “in the process of making appropriate disclosures to affected people.”
Fortunately, it appears that no Social Security numbers, bank account information, or debit cards were exposed, and there doesn’t appear to have been any financial loss as a result of the hack.
Robinhood has addressed the issue, and the culprit has demanded extortion money in exchange for the information. The company is working with law enforcement to clear up the matter. It is also working with Mandiant, a leading outside security firm, to deal with the problem.
“As a safety first company, we owe it to our customers to be transparent and act with integrity,” Robinhood chief security officer Caleb Sima said on the company’s website. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”
If you’re a Robinhood user, keep a watchful eye on your email address to see if your information was stolen. It’s always a good idea to change your passwords if you were involved in a situation like this, as well.