
The Robinhood Data Breach

November 15, 2021

On November 8, 2021, Robinhood released a statement saying it had experienced a data breach. The attacker obtained a list of email addresses for 5 million people and the full names of a different group of 2 million people. A group of around 300 people also had additional personal information exposed. The organization claimed that no Social Security, bank account, or credit card numbers were breached and that no customers experienced financial loss. The attacker used social engineering to obtain the customer information, calling a Robinhood customer support employee and gaining access to certain customer support systems. The attacker also held the customer information and demanded a ransom; however, Robinhood has not disclosed whether it made any payments.

According to Bloomberg, this was the largest hack Robinhood has ever experienced. Security professionals have commented on this incident, stating that financial firms are often targets of these types of cybercrimes because they are always gaining new customer identities and credentials. This type of information can be very valuable on the dark web. Robinhood sought help from Mandiant with the investigation. Mandiant also stated that they expect the intruder to continue to target other organizations over the next several months.

CNET compared this breach to the T-Mobile data breach, along with Facebook and LinkedIn. They urge customers to avoid scams and monitor credit cards and charges. McAfee also recommends updating passwords so they are strong and unique, using a password manager, and enabling two-factor authentication. Additionally, customers should report suspected fraud and keep an eye out for phishing emails that claim to be from Robinhood.

Continuous security monitoring of your systems is critical to protecting your company and your customers. Ongoing security tasks such as vulnerability management and penetration testing are vital to protecting your networks and applications.

Contact Adsero Security today to schedule a Security Risk Assessment to identify all your critical assets, vulnerabilities, risks and controls in your company. Use our security risk assessment report to remediate your current risks and determine processes and procedures to reduce or eliminate risks going forward.
