Free Newsletters for the Channel
Register for Your Free Newsletter Now
Mandiant is helping with Robinhood's investigation of the data breach.
November 9, 2021
Robinhood, the online stock trading platform, says about 7 million customers’ personal information was compromised in a data breach last week.
That represents about one-third of Robinhood’s customers. The intruder obtained email addresses of about 5 million people. They also got full names for a separate group of about 2 million.
Robinhood confirmed the data breach occurred on Nov. 3.
In a blog, Robinhood said the unauthorized party socially engineered a customer support employee by phone and got access to certain customer support systems.
Additional personal information, including name, date of birth and zip code were exposed for 310 people. In addition, a subset of about 10 customers had more extensive account details revealed.
“We are in the process of making appropriate disclosures to affected people,” Robinhood said. “After we contained the intrusion, the unauthorized party demanded an extortion payment. We promptly informed law enforcement and are continuing to investigate the incident with the help of Mandiant, a leading outside security firm.”
Mandiant confirmed it is working with Robinhood. It sent us this statement from Charles Carmakal, its senior vice president and CTO:
“Robinhood quickly contained the security incident and conducted a thorough investigation to assess the impact. Mandiant has recently observed this threat actor in a limited number of security incidents and we expect they will continue to target and extort other organizations over the next several months.”
Caleb Sima is Robinhood‘s chief security officer.
“As a safety-first company, we owe it to our customers to be transparent and act with integrity,” he said. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”
Scroll through our slideshow above for more important details on the Robinhood data breach.
Read more about:MSPs
You May Also Like
Mobile World Congress: VMware Talks SASE, 5G, SD-WANFeb 27, 2024
Zero Trust World: ThreatLocker Providing an Action Plan for Preventing AttacksFeb 26, 2024
The Gately Report: Trellix Partners Shielding SMBs from RansomwareFeb 26, 2024
Cloud Computing News: AWS Loses Another Key Exec to Azure; Canalys, Vega Cloud, Hyve NewsFeb 23, 2024