IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Robinhood hack exposes data from millions of customers

An attacker socially engineered an employee at the stock-trading platform to gain access to customer support systems

Robinhood has revealed that an unauthorised third party has gained access to millions of customers’ data, adding to the company’s troublesome 2021.

The stock-trading platform said in a blog post that on 3 November a hacker socially engineered a customer support employee by phone and obtained access to certain customer support systems. The company said the unauthorised party obtained a list of email addresses for approximately five million people, and full names for a different group of two million people.

Robinhood added that for around 310 people, personal information like name, date of birth, and zip code were exposed, with a subset of around 10 customers having more extensive account details revealed, although it did not disclose what these details were.

Following the breach, the unauthorised party demanded an extortion payment, said the company, which informed law enforcement and is continuing to investigate the incident with the help of an outside security firm.

Robinhood is also in the process of making disclosures to those affected but believes that no social security numbers, bank account numbers, or debit card numbers were exposed. There has been no financial loss to any customers as a result of the incident.

Related Resource

2021 state of email security report: Ransomware on the rise

Securing the enterprise in the COVID world

2021 state of email security report: Ransomware on the rise - whitepaper from MimecastFree download

“As a Safety First company, we owe it to our customers to be transparent and act with integrity,” said Robinhood chief security officer Caleb Sima. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”

2021 has been a tricky year for Robinhood, which was summoned to a Congressional hearing in February after the company’s app facilitated a January GameStop squeeze. It was instigated by the subreddit r/WallStreetBets and the platform decided to halt trade on popular stocks, as reported by The Verge.

In July, the company had the worst debut ever for an IPO of its size, according to Bloomberg. Shares in the broker fell 8.4% below the IPO price in the company’s first trading session, the worst debut among 51 US firms that raised as much cash as Robinhood or more.

Featured Resources

Defending against malware attacks starts here

The ultimate guide to building your malware defence strategy

Free Download

Datto SMB cyber security for MSPs report

A world of opportunity for MSPs

Free Download

The essential guide to preventing ransomware attacks

Vital tips and guidelines to protect your business using ZTNA and SSE

Free Download

Medium businesses: Fuelling the UK’s economic engine

A Connected Thinking report

Free Download

Most Popular

Getting the best value from your remote support software
Advertisement Feature

Getting the best value from your remote support software

13 Mar 2023
What the UK can learn from the rest of the world when it comes to the shift to IP
Sponsored

What the UK can learn from the rest of the world when it comes to the shift to IP

20 Mar 2023
Why the floppy disk may never die
Server & storage

Why the floppy disk may never die

27 Mar 2023