Robinhood Hacking Compromises The Data Of Millions Of Users
Robinhood recently announced a hacking event on its systems, exposing the data of millions of users.
Robinhood is one of the most popular trading app for stocks and with the rise of meme coins it has become one of the first contact points for new investors looking to get into crypto market. The user base is more than 22 million in 2021, all of whom were left vulnerable in the data breach.
The attack happened on November 3rd, according to company. The attacker had called Robinhood customer service rep and somehow gained access to the support systems through the call. Robinhood caught the breach when it occurred and had followed up with the appropriate authorities to keep its systems safe. Regardless, the attacker was already able to get a hold of millions of users’ data before the breach could be contained.
The hacker threatened to take action with the data they had acquired. But Robinhood confirmed that it was indeed not a ransomware attack, declining to state if the attacker had asked for a ransom and if one had been provided.
About 7 million people in total were compromised in the breach, although to varying extent. Approximately 5 million of the affected users had their email addresses compromised. Further 2 million users had their email addresses and full names stolen in the hack. While a smaller portion suffered more extensive data breaches as Robinhood announced that about 310 users had their email addresses, full names breached, in addition to birth dates and ZIP. Ten users saw the attacker take more of their data, but Robinhood did not reveal what data was compromised in their cases.
Aftermath Of The Hacking
After news of the hacking came out, Robinhood shares had fallen 3% in extended trading on Monday. This was not a big loss. The bigger implications were the effects a hack like this can have on users who had their data stolen.
The company had admitted that about 7 million customers data was compromised. This data could be sold on the dark web by the attacker, which could be used to carry out further personal attacks on the users affected in the data breach. Users are urged to change their details on the platform to ensure that their accounts stay safe.
Robinhood has assured users that it has the breach under control. No user funds were lost, and no Social Security, bank account, or credit/debit card numbers were exposed in the breach.
Security firm Mandiant Inc. is helping Robinhood to investigate the data breach. CTO of Mandiant, Charles Carmakal, said that the company had “conducted a thorough investigation to assess the impact” of the breach. Carmakal also said going forward it’s likely that other firms will the target of the same hacker.
