People at a Robinhood kiosk in New York City in July 2021. Photo: Spencer Platt/Getty Images
Popular trading app Robinhood said Monday that hackers gained accessed to personal information belonging to millions of its users on Nov. 3, including full names and email addresses.
Details: The trading app said it does not believe any Social Security numbers or financial information was exposed from the security breach, but the details that were disclosed could leave people vulnerable to email and phone scams and identity theft.
- It said so far it does not believe there has been financial loss to any user from the breach.
How it works: Robinhood said an "unauthorized third party socially engineered" one of its employees to gain access to customer support systems.
- The hackers were able to obtain a list of email addresses for some five million people that have used the trading app, and full names for a different group of approximately two million people.
- The third party was also able to access the names, dates of birth and zip codes for least 310 people.
- After containing the intrusion, Robinhood said the third party demanded an extortion payment.
What they're saying: "As a Safety First company, we owe it to our customers to be transparent and act with integrity," said Robinhood chief security officer Caleb Sima.
- "Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do," Sima added.
The big picture: The company said it is still in the process of disclosing the breach to affected users.
- It is working with law enforcement and a private security company to investigate the intrusion.
Go deeper ... Revealed: How Robinhood harmed millions of its customers