The company revealed on Monday, that over 7 million people have been targeted in the United States in a security breach at Robinhood in which people’s identities and email information were compromised. According to the firm, the breach compromised “a small quantity of personal information for a small number of our clients.”
The “data security incident” occurred on Wednesday, November 3, when an unauthorized third party “obtained access to a small quantity of personal information,” according to the Menlo Park, California-based company.
It also claims that the most sensitive data it collects – US social security numbers and financial information – was not exposed. Robinhood stated it had turned down a payment demand and had reported the assault.
According to preliminary findings, the perpetrator duped a customer service representative into allowing them access to various customer support systems.
About 310 people’s personal information, such as name, date of birth, and zip code, may have been stolen, with a subset of about 10 customers’ account data being exposed, according to Robinhood, which is in the process of notifying anyone affected by the breach.
It is also said that bank account numbers including debit card numbers and social security numbers were exposed but no customer suffered any financial loss till now.
The intruder demanded an extortion payment when the incursion was controlled, according to Robinhood. The corporation subsequently alerted law enforcement, and an outside security firm is now investigating the incident.
“As a safety-first company, we owe it to our customers to be transparent and act with integrity,” Robinhood chief security officer Caleb Sima said in a message posted on the company’s website. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”