Millions Impacted by Robinhood Data Leak
Within the last couple of years, cryptocurrencies and investments have become increasingly popular. A product of this insurgency is Robinhood, a commission-free stock trader.
While the company itself existed prior to the boom in crypto interest, it was certainly a major factor in its rise to the forefront in the industry, generating roughly $51 million in revenue from that alone!
Despite this success, however, Robinhood has had its fair share of controversies. Just earlier this year, the online brokerage was fined $70 million as a result of regulatory issues that negatively impacted their consumers, often leading to extreme financial losses. In addition to this, Robinhood has recently fallen prey to a malicious cyberattack akin to the likes of Facebook and Twitch.
What Happened?
It has been reported by Robinhood Markets Inc. that a third-party had obtained access to the email addresses of about five million of its customers. Of that five million, two million had their full names exposed, and another 310 had information such as their date of birth and zip codes subjugated.
The company also reported that, fortunately, it is believed that no social security numbers, bank account numbers, or debit card numbers were accessed by prying eyes.
How Did This Happen?
According to Robinhood, this was the direct result of a social engineering attack.
This type of cyberattack, which we at Redact have covered before, heavily relies on deception and trickery – and that is exactly what happened to a Robinhood representative. The company noted that “the unauthorized party socially engineered a customer support employee by phone and obtained access to certain customer support systems.”
Should You be Worried?
This instance, unlike other major data leaks, does not warrant any serious concern. However, that does not mean that you should let your guard down.
In general, your email being exposed is much less of a threat than that of your social security number, but it is important, nonetheless. For hackers, this seemingly tiny bit of information is still extremely useful. For example, they could send phishing scams in the form of deceptively innocent emails to those users, or they could potentially discover what other sites that the same emails are registered under and try to get into the user’s accounts.
That being said, it does not hurt to err on the side of caution – and it’s not even a lot of work! Even if you do not use Robinhood, taking these simple, yet effective preventative measures can save you from an enormous headache in the future: