They noted -
“An unauthorized third party obtained access to a limited amount of personal information for a portion of our customers,” the company revealed while emphasizing that the breach had since been contained and that there had been “no financial loss to any customers.”
This hacking incident took place on 3rd November where a hacker tricked social engineering scheme that targeted a customer support employee. The hacker convinced the employee that they were cleared to access “certain customer support systems,” and subsequently gained access to the email addresses of approximately 5 million customers and the full names of approximately 2 million customers, the company said.
On the blogpost, Robinhood said Social Security numbers, bank account information, or debit card numbers were exposed in the breach. Currently, they are working with Mandiant, a leading cybersecurity firm, to further investigate the incident.
Robinhood Chief Security Officer Caleb Sima says “As a Safety First company, we owe it to our customers to be transparent and act with integrity,”. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”
For the security aspect, Robinhood guides its users to visit Help Center > My Account & Login > Account Security, to keep accounts secure.