- Trading platform Robinhood has suffered a security breach
- Five million email addresses, two million names and other information was stolen by a hacker
- The hacker managed to gain access to the company’s servers through a member of the support staff
Popular trading platform Robinhood has suffered what it calls a “data security incident” which has seen some five million email addresses stolen from its records. Two million names were also taken from the database as well as a smaller number of datasets containing more personal information. Robinhood says that a member of its support staff was socially engineered and allowed the attacker access to its internal records.
Robinhood Hacker Tried to Extort Company
Robinhood made the announcement yesterday, stating that a hacker “socially engineered” a customer support employee over the phone and managed to obtain access to “certain customer support systems.” The suspected theft includes the full names of a different group of approximately two million people alongside the five million email addresses.
Robinhood also stated that approximately 310 people have had additional personal information stolen, including name, date of birth, and zip code, with 10 customers having “more extensive account details revealed.”
The company said that the hacker tried to extort the company after Robinhood contained the intrusion, but the company refused and instead contacted the police and security firm Mandiant. Robinhood said that no bank account or social security details were accessed as a result of the hack.
Hack Brings Back Memories of Ledger Scandal
The Robinhood hack is reminiscent of the Ledger scandal, where the data of millions of customers was stolen in a series of breaches, although at least on this occasion Robinhood has acknowledged the breach up front.