Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Robinhood Markets, Inc. is an American financial services firm based in Menlo Park, California. It is best known for offering commission-free stock, ETF, and cryptocurrency trading via a mobile app launched in March 2015.
What Happened?
After their systems were compromised, a threat actor acquired access to the personal information of around 7 million consumers, stock trading company Robinhood announced a data breach.
Late in the evening of November 3, we experienced a data security incident. An unauthorized third party obtained access to a limited amount of personal information for a portion of our customers. Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident.
The unauthorized party socially engineered a customer support employee by phone and obtained access to certain customer support systems. At this time, we understand that the unauthorized party obtained a list of email addresses for approximately five million people, and full names for a different group of approximately two million people.
We also believe that for a more limited number of people—approximately 310 in total—additional personal information, including name, date of birth, and zip code, was exposed, with a subset of approximately 10 customers having more extensive account details revealed. We are in the process of making appropriate disclosures to affected people.
After we contained the intrusion, the unauthorized party demanded an extortion payment. We promptly informed law enforcement and are continuing to investigate the incident with the help of Mandiant, a leading outside security firm.
A threat actor impersonated a customer service representative and utilized social engineering to gain access to customer support systems.
The threat actor had access to client information after gaining access to the support systems, including complete names, email addresses, and, for a limited number of customers, date of birth and zip codes.
As reported by BleepingComputer the data breach exposed, email addresses belonging to 5 million customers, the full names of 2 million customers, and the name, date of birth, and zip code of 300 people.
Fortunately, no Social Security Information, bank account numbers, or debit card details were disclosed as a result of the incident.
RobinHood received an extortion demand after learning about the incident and securing their systems, but at this time the perpetrators remain unknown.
RobinHood said they are still looking into the incident with the support of Mandiant.
As a Safety First company, we owe it to our customers to be transparent and act with integrity. Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.
When it comes to what can the customers do in order to keep their accounts safe, Robinhood encourages them to follow a few simple steps:
If you are a customer looking for information on how to keep your account secure, please visit Help Center > My Account & Login > Account Security. When in doubt, log in to view messages from Robinhood—we’ll never include a link to access your account in a security alert.
It’s worth noting that the corporation intends to contact all impacted users about the security issue.
In an email from Robinhood posted on Twitter, the company appears to alert its consumers about phishing attempts, which attempt to mimic the company in order to get access to a user’s account.
How Can Heimdal™ Help?
Heimdal™ Threat Prevention – Network provides unique threat hunting and ultimate visibility over an entire network, therefore offering A to Z protection, regardless of device or operating system.
If you liked this article follow us on LinkedIn, Twitter, YouTube, Facebook, and Instagram to keep up to date with everything cybersecurity.
Dora is a digital marketing specialist within Heimdal™ Security. She is a content creator at heart - always curious about technology and passionate about finding out everything there is to know about cybersecurity.
