The popular trading app Robinhood has reported that it has suffered a data breach, compromising the names and email addresses of 5 million of its users.
The platform, which has millions of users who, earlier in the year, drove the Reddit stock craze. Now, users have been warned that their personal information could be at risk.
In a blog post on its website, the company has reassured users that no financial data has been compromised, including bank account numbers, debit card details, or social security information.
In the post, Robinhood chief security officer Caleb Sima stated, “As a Safety First company, we owe it to our customers to be transparent and act with integrity. Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”
In addition to this, Robinhood says that, as far as they are aware, “there has been no financial loss to any customers as a result of the incident”.
According to the blog post, the company believes that a hacker impersonated an authorized party on the phone to a customer support employee. By doing this. they were then able to access Robinhood’s network systems before demanding a ransom payment.
Once the breach was discovered last week, the case was handed over to law enforcement and contained. The company is continuing to work with its cybersecurity firm, Mandiant.
So far, the investigations into the incident have found approximately five million users have had their names compromised, along with the full names of an estimated two million users.
For a small group of customers, there’s a risk that more personal data has been put at risk. Robinhood says that the hackers managed to gain access to more extensive data of just over 300 users.
It doesn’t appear to be financial details, but it could be that the names, dates of birth, and zip codes of these users could have been compromised during the incident.