Robinhood, the net buying and selling platform that’s already seen no scarcity of controversy, announced Monday {that a} fraudster “socially engineered a buyer help worker by telephone and obtained entry to sure buyer help programs,” having access to lists of names and e mail addresses for tens of millions of shoppers.
The corporate mentioned the scammer accessed a listing of about 5 million folks’s e mail addresses and a separate listing of about two million folks’s full names. About 310 folks noticed their identify, date of start, and zip code uncovered, whereas about 10 Robinhood prospects had “extra in depth account particulars revealed.” Robinhood is reaching out to affected folks.
The hacker demanded a ransom cost, and Robinhood contacted legislation enforcement and is working with the cybersecurity Mandiant to proceed the investigation, in response to the corporate’s assertion.
Robinhood mentioned individuals who wish to change their safety settings can entry its web site’s safety menu. The Nationwide Cybersecurity Alliance, an trade group, advised Robinhood customers to vary their passwords and arrange multifactor authentication as a precaution.
Robinhood warned prospects it wouldn’t ship hyperlinks to entry their accounts in emails, maybe involved about potential phishing assaults utilizing the leaked e mail addresses.
It’s removed from the primary situation to face Robinhood, which was one of many corporations that pioneered commission-free on-line inventory buying and selling, now an trade norm. The corporate final 12 months agreed to pay $65 million to settle Securities and Change Fee allegations it misled prospects about the way it makes cash, which concerned funds from monetary corporations the place it routed buyer orders. The SEC mentioned that contributed to worse share costs for its prospects.
Robinhood prospects have additionally had difficulty trading stocks and cryptocurrencies, usually throughout instances of volatility, together with this 12 months’s meme inventory increase.
