In a statement released on Monday, Robinhood — the fee-free platform for stock trading and investing — confirmed that it has suffered a large-scale data breach, with roughly 7 million people’s personal data being leaked.
The company said that the attack took place on November 3 and that an unauthorized party was able to obtain access to five million people’s email addresses and two million people’s full names. However, a smaller subset of around 310 people had additional personal information compromised including their date of birth, name, and zip code. Approximately 10 people had even more extensive account details leaked, although Robinhood didn’t elaborate on the nature of that data.
The attacker manipulated a Robinhood employee over the phone into giving up access to customer support systems containing personal customer data. Fortunately, however, after completing its initial investigation and containing the attack, the company is confident that “no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident.”
At this moment it is unclear if the attacker is looking to sell the leaked data on either an underground forum or the dark web, although this is what regularly happens, and what happened in the recent LinkedIn and T-Mobile data leaks.
Robinhood advised its customers to not click on any links in any security alerts they may receive and to go to Help Center > My Account & Login > Account Security on the Robinhood website for more information on how to secure their accounts.
Looking for bulletproof protection against data leaks?
Then why not claim your Trend Micro™ ID Security 30-day free trial today! ID Security can monitor the internet and the dark web for your personal data — 24/7! If your data is leaked, you’ll be the first to know!
Scan the QR code below to download Trend Micro ID Security for Android/iOS now:
Or click the button for more information about Trend Micro ID Security: