Robinhood discloses data breach impacting 5 million customers

by · BleepingComputer

Stock trading app RobinHood has disclosed a data breach after their systems were hacked and unauthorized user gained access to the personal information of approximately 5 million customers.

The attack occured on November 3rd after a threat actor called a customer support employee and used social engineering to obtain access to customer support systems.

After accessing the support systems, the threat actor was able to access customer information, including full names, email addresses, and for a limited number of people, data of birth, and zip codes.

"At this time, we understand that the unauthorized party obtained a list of email addresses for approximately five million people, and full names for a different group of approximately two million people," disclosed a blog post published today about the security incident.

"We also believe that for a more limited number of people—approximately 310 in total—additional personal information, including name, date of birth, and zip code, was exposed, with a subset of approximately 10 customers having more extensive account details revealed."

After learning of the attack and securing their systems, RobinHood received an extortion demand. While RobinHood has not provided any details regarding the demand, it was likely to pay a Bitcoin ransom demand to prevent the leaking of the data.

RobinHood says they are continuing to investigate the incident with the help of Mandiant, a well-known cybersecurity firm commonly called into perform incident response after attacks.

“As a Safety First company, we owe it to our customers to be transparent and act with integrity,” said Robinhood Chief Security Officer Caleb Sima. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.” 

This is a developing story.