Robinhood Suffers Another Massive Breach Affecting 7 Million Customers in Hot Water!
Robinhood Markets reported on Monday that it has suffered a massive breach that compromised the personal information of 7 million people. The organization stated that it experienced the security incident on November 3 and that the perpetrator demanded a ransom.
The financial services company has reported that the attack was contained, and purportedly, no social security numbers, banking information, or debit card numbers were compromised. The company doubled on stating that no customer experienced financial loss due to this hack.
Initially, the guilty party initiated contact with a customer support employee through the telephone. This allowed the perpetrator to obtain unauthorized access to customer support systems. The hack compromised the email addresses of about five million users and the complete names of a different set of two million people.
Also Read: DeFi Firm Cream Finance Suffers Crypto Hack, Loses USD 130 Million!
In addition, the personal information of about 310 individuals ranging from date of birth to zip code was certainly compromised. Alarmingly, 10 customers of the company were on the receiving end as the criminal uncovered their account details.
The perpetrator reached out to Robinhood and demanded a ransom. Robinhood had rejected the ransom demand and instead notified law enforcement agencies. The financial services firm has roped in an external security firm, Mandiant, to investigate the breach.
“As a Safety First company, we owe it to our customers to be transparent and act with integrity,” stated Robinhood Chief Security Officer Caleb Sima.
“Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”
Charles Carmakal, Mandiant Chief Technology Officer, reported that Robinhood “conducted a thorough investigation to assess the impact.” Charles said Mandiant is expecting the perpetrator of Robinhood to continue and extort other organizations in the near future.
Meanwhile, Robinhood put a statement where the company affirmed that they were redressing the situation. Part of their efforts was dedicated to identifying the affected customers and providing appropriate information regarding the hack. However, the company acknowledged that there are unknown risks that may alter the overall performance of Robinhood.
Also Read: Robinhood’s Hack Worsens: Threat Actor Pilfers 4,400 Phone Numbers!
It would be wise to heed that statement as Robinhood has been hacked twice so far. The October 2020 breach resulted in siphoning of customers’ funds. As the lack of customer support stonewalled angry investors then, Robinhood considered adding the customer support telephone system. Ironically, this addition was what was exploited by the perp of the latest hack.
Also Read: Hackers Exploit BQE Software to Hit a US Engineering Comp
The irony underscores why a company should not jump the gun or implement crowd appeasing strategies based on shaky foundations. Instead of reaching out to a third-party expert after a breach, one should solicit the services of Stealthlabs at the onset of strategy implementation.
We, at Stealthlabs, pay attention to every aspect, regardless of its magnitude. With security ingrained at every level of the strategy, one can rest easy and continue business as usual. Reach out to Stealthlabs and walk away with a security solution customized for you.
More News: