Robinhood data breach exposes 7 million users' personal information
It's incidents like this that keep us doing those annoying security trainings every year.
Robinhood has announced a data breachrevealing around 7 million users' information after an employee was tricked into providing a hacker with access to internal systems.
The security breach occurred on Nov. 3, and involved an unauthorized person simply calling up the investing app's customer support. The caller then tricked a Robinhood employee into granting them access to sensitive user information, and managed to collect around 5 million people's emails and the full names of around 2 million more.
That's bad enough already, but it gets worse. Robinhood also revealed that around 310 people had further personal information exposed, including their names, dates of birth, and zip codes. Ten of these customers had even more details of their account revealed, but Robinhood did not reveal exactly what information this entailed. Fortunately, Robinhood believes no Social Security numbers, bank account numbers, or credit card numbers were among the information stolen.
You've kinda gotta respect the social engineering skill. Most of us would assume that a person authorized to access private user data probably wouldn't call the public-facing customer support number.
The malicious actor attempted to extort a payment out of Robinhood, though the company declined to reveal to Mashable the amount demanded or if they'd actually paid it. However, a Robinhood spokesperson did tell Mashable the company will continue requiring security training for its employees, including educating them on social engineering attacks, and it is "working to implement new security countermeasures."
Robinhood further noted in its press release that law enforcement has been informed, and the incident is being investigated by security firm Mandiant. The company is also in the process of disclosing the breach to impacted users.
"Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do," said Robinhood Chief Security Officer Caleb Sima in a post on the company's official blog.
Unfortunately, there isn't much you can do to protect yourself from such violations. If you provide your information to a company, which is then tricked into giving it to a hacker, that's on them.
If you want to be part of the solution, complete your annoying work-mandated data security training, and hopefully you won't make the same mistake this Robinhood employee did.
相关文章
Washington Mystics vs. Chicago Sky 2024 livestream: Watch live WNBA
TL;DR:Watch Washington Mystics vs. Chicago Sky in the WNBA with WNBA League Pass. Avoid blackouts an2024-09-22- 2014年11月底的一天,下着小雨。中午,在杭州余杭仓前街道某工地干活的丁某刚刚收工,准备到街上吃午饭。工地外面都是泥地,雨天路滑,丁某一直低头看路。突然他看到路中间有一个红色的钱包,于是他立马跑过去2024-09-22
- 日前,不少细心的市民发现,央行降息后不足一周,我市银行的存款利率市场因浮动区间的扩大而频频调整。那些赔本赚吆喝的银行又悄然下调了“一浮到顶”的利率,进入降息通道。自此,银行利率2024-09-22
- 雅安日报/北纬网讯5月23日上午,市委书记兰开驰在雅会见农发行四川省分行副行长向阳。双方就巩固发展良好银政关系,开展全方位深入合作,为雅安经济社会发展提供更多支持,共同把金融与经济融合发展这篇大文章做2024-09-22
9 Festive Holiday Treats and Where to Find Them
Whether it’s lechón(roast suckling pig) for Noche Buena in the Philippines or an aspic made ofbathtu2024-09-22- 抓好承包地、宅基地和集体经营性建设用地“三块地”改革|市委书记抓乡村振兴2023.11.13-11.19)_南方+_南方plus本文收录于专辑11月13-19日,各地市持续推进绿美生态建设。佛山市强调2024-09-22
最新评论