Robinhood, a popular stock-trading app, said that it has been breached by someone who accessed information on 7 million people, then sought to extort the company.
The breach on Nov. 3 provided access to 5 million email addresses and 2 million full names, with another approximately 310 having additional information like zip codes and dates of birth exposed. Around 10 more had “more extensive account details” exposed, the company announced on Monday. Robinhood has become a force in the financial market, with 18 million clients and $80 billion in assets, a summer filing stated.
“Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident,” Robinhood’s statement reads.
It’s the first notable cyber incident on the company to surface since October of 2020, when Bloomberg reported that hackers hit nearly 2,000 accounts and stole some customer funds. The year before, Robinhood said it had stored user credentials in an insecure format.
The FBI warned on Nov. 2 that ransomware attackers are “very likely using significant financial events, such as mergers and acquisitions, to target and leverage victim companies for ransomware infections.”
Robinhood said that after the Nov. 3 incident, it contacted law enforcement and sought the investigative help of cybersecurity firm Mandiant.
“Robinhood quickly contained the security incident and conducted a thorough investigation to assess the impact,” said Charles Carmakal, senior vice president and chief technology officer at Mandiant.” “Mandiant has recently observed this threat actor in a limited number of security incidents and we expect they will continue to target and extort other organizations over the next several months.”
Robinhood didn’t respond to requests for comment on Tuesday.
Updated, 11/9/21: With comment from Mandiant.