Wednesday, December 1, 2021

Robinhood data breach nightmare relies on support error

(Bloomberg) – Last year Robinhood Markets Inc. has been criticized for shortcomings in customer support. After a quick recruitment of staff, the company faced a new problem: An accident with a customer service representative allowed a hacker to steal personal information from about 7 million users.

The Menlo Park, California-based brokerage application suffered the largest hack in its history, which compromised the identity of about one third of its users. The company said in a statement that the November 3 hack was triggered by a phone call, during which the hacker tricked a support employee. Details of how exactly the perpetrator got there are not reported.

The attacker went into hiding with the email addresses of about 5 million Robinhood users, as well as the full names of a separate group of about 2 million people, and demanded extortion. For some clients, even more personal information was disclosed, including the names, dates of birth and zip codes of approximately 310 people, as well as more extensive information belonging to a group of approximately 10 people.

“Finance companies are a huge target because there are always new customers coming in — identity updates, credentials updated,” said Bob Rudis, chief data officer at cybersecurity firm Rapid7 Inc. “Everyone talks about ransomware, but credentials and IDs are still being sold on the dark web and on criminal forums. This is very valuable data. “

The episode unfolds as Robinhood works to convince users and vigilant regulators that it can live up to the “safety first” mantra often repeated by executives. A loud violation indicates that the path remains fraught as Robinhood expands rapidly. It is also a blow to the brokerage as it tries to get users to trust the application for most of their financial lives. Robinhood has a waiting list for cryptocurrency wallets and plans to offer other products in the future, including retirement accounts.

Read Also:  Apple gears up for construction on huge North San Jose technical complex

Robinhood said it did not believe the hack had revealed social security numbers, bank accounts or debit cards, and that customers were suffering financial losses. He claimed to be in violation, notified law enforcement and brought security firm Mandiant Inc. into the investigation.

Robinhood shares fell 3% to $ 36.85 at 10:24 am in New York.

Mandiant CTO Charles Carmakal said Robinhood “conducted a thorough investigation to assess the impact” and that his firm expects the attacker to continue to attack and extort other organizations over the next several months.

In another episode last year, nearly 2,000 Robinhood accounts were compromised in a hack during which customer accounts were ransacked. Some complained that there was no one to call.

The firm that helped popularize free trade began recruiting customer service staff, more than tripling its size in 2020. As part of its expansion, the brokerage opened offices in Arizona, Texas and Colorado. 24/7 phone support was launched last month.

More stories like this can be found at

© 2021 Bloomberg LP

Nation World News Desk
Nation World News is the fastest emerging news website covering all the latest news, world’s top stories, science news entertainment sports cricket’s latest discoveries, new technology gadgets, politics news, and more.
Latest news
Related news
- Advertisement -