Stock trading platform Robinhood has confirmed that it was hacked last week and the hack affected around 7 million customers. The company published a detailed blog post confirming how the platform was hacked and what data could be accessed.
Hackers used social engineering on a customer support employee to get access to customer support systems. This access allowed unauthorized access to customer information, including full names, email addresses, and for a limited number of people, data of birth, and zip codes.
The company confirmed that hackers obtained a list of email addresses for approximately five million people and full names for a different group of approximately two million people. The company also says that for a limited number of people, they gained access to other information. additional personal information, including the name, date of birth, and zip code of approximately 310 people was also exposed.
The company doesn’t believe any Social Security numbers, bank account numbers, or debit card numbers were exposed. If you are a customer, you should visit Help Center > My Account & Login > Account Security.
“As a Safety First company, we owe it to our customers to be transparent and act with integrity,” said Robinhood Chief Security Officer Caleb Sima. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”
After the company secured its system, the hacker also demanded an extortion payment. Robinhood claims that it notified law enforcement and security firm Mandiant to investigate the breach.
