Robinhood, the well-known online stock trading platform, recently disclosed a data breach. The company confirmed that the attackers accessed over two million customer names and five million email addresses.
More importantly, some users had more detailed personal data stolen. In its blog post about the breach, Robinhood stated that a malicious actor socially engineered a customer support representative over the phone. The incident took place on November 3rd, when the intruder accessed the company's customer support systems.
This access allowed the data thief to obtain the email addresses and names of numerous users. They also obtained the dates of birth, ZIP codes, and full names of 300+ customers. In addition, the company stated that ten customers had even more extensive data stolen, without specifying what that information was.
However, the platform assured users that it did not lose any debit card numbers, bank account numbers, or social security numbers. Thus, customers were under no immediate financial threat.
Nonetheless, malicious actors can easily use the leaked information to target users. It is useful for crafting fraudulent emails that use the person's name and date of birth.
Robinhood added that once the company had secured the system, the intruder made an extortion demand. The company did not comply with any demands and notified security firm Mandiant and law enforcement to investigate the case.
The incident is eerily similar to what Twitter experienced in July 2020. Back then, a teenage data thief used social engineering to trick Twitter employees into thinking the thief was an employee. That gave them access to the admin tool, which in turn let them access several high-profile accounts.
Most of those accounts were used to promote a crypto scam, and the thief amassed over 100,000 dollars in crypto. Twitter eliminated the chances of such incidents by providing security keys to its staff.
Given the similarity of the two cases, many are questioning Robinhood's security. The company therefore needs to address the issue quickly and take a similar approach to avoid such incidents for good.