Posted on 11/08/2021 3:11:08 PM PST by bitt
Hacker socially engineered customer support employee to obtain millions of names and emails, demanded extortion payment
Mobile stock trading platform Robinhood (NASDAQ: HOOD) on Monday fessed up to a security breach that exposed names and email addresses for millions of users and “extensive account details” for what appeared to be very specific targets.
The Menlo Park, Calif.-based company, which claims that about 13 million users trade stocks, ETFs, and cryptocurrencies using its mobile app, said the breach happened on November 3 when a hacker stole names, email addresses, dates of birth, zip codes and additional personal information from its customer user data.
The company downplayed the extent of the impact, saying that only “a limited amount of personal information for a portion of our customers” was stolen but confirmed the intruder obtained names and email addresses for approximately 5 million people.
"We also believe that for a more limited number of people—approximately 310 in total—additional personal information, including name, date of birth, and zip code, was exposed, with a subset of approximately 10 customers having more extensive account details revealed," Robinhood said in a statement announcing the incident.
“We are in the process of making appropriate disclosures to affected people,” it added.
After an investigation, Robinhood said the attacker socially engineered a customer support employee by phone and obtained access to certain customer support systems.
“We believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident,” the company said.
(Excerpt) Read more at securityweek.com ...
“Robinhood is FDIC insured”
bullshit ... only robinhood cash sweep accounts deposited in banks that are FDIC banks are FDIC insured ... for all other securities (except digital coin) robinhood has private insurance through a non-governmental insurance company called SIPC ...
I worry that a good friend likes investing in Bitcoin.
No cell, no sell.
First of all, Robinhood is not FDIC insured, maybe privately insured, and secondly I was joking about the mattress, but if you want to put all your money into something that is open to hacks, go ahead. It’s your money. It’s like Bitcoin... worth a lot today, worthless tomorrow. As for keeping your cash on hand, it is a smart thing to do these days. 3rd, my mattress is insured with my 9mm and 380. 4th, I’m not an old man.
Agree with your #13, Robinhood was likely targeted because of the vastly Millennial makeup of their userbase, people who are notoriously lax about security. It could also be an attempt to short Robinhood’s recent IPO, down a third from its post-IPO high.
Not cash money. Gold.
“Deep State going after those that profited from the Short Squeeze that hurt the international bankers…”
That was my first thought as well. Right after they lost billions.
Glad I’ve never used them.
...a security breach that exposed names and email addresses for millions of users and “extensive account details” for what appeared to be very specific targets.
Gosh, it sounds nothing like a DNC/Deep State/George Soros type operation.
It’s risky to be sure.
Right now Bitcoin is moving to new highs. Will that last?
Some pretty intelligent people think that it is destined to move much higher. They may be right. They could be wrong.
I’m dabbling in crypto. I’ve made some money. I didn’t see this level of rise coming and I’m sitting out right now. I still protected the money I had already made.
What goes up generally does come down. Sometimes stocks can defy that for a long time. We’ll see how crypto goes.
I used to work as a Trainer/QA Auditor in a call center. No matter how much we tried to drill it in people’s heads, agents would keep falling for social engineering tricks. It’s disturbing how easily those work.