Robinhood was known for “Stealing from the Rich, and Giving to the Poor.” Not so in the last two years. For the second time Robinhood Markets Inc. has been attacked by cyber criminals. Robinhood said personal information of about 7 million people, which is approximately a third of its customers, was compromised in a data breach last week. The bad actors then demanded a ransom payment. The intruder obtained email addresses of about 5 million people as well as full names for a separate group of about 2 million, Robinhood said Monday in a statement. For some customers, even more personal data was exposed, including names, birth dates and ZIP codes of about 310 people, and more extensive information belonging to a group of about 10. The Menlo Park, California-based brokerage said it believes no US Social Security, bank account or debit-card numbers were exposed during the 3 November attack, or that customers incurred any financial losses. The hackers made threats about what would be done with the compromised information, although it was not a ransomware attack, according to a Robinhood spokesperson, who declined to say whether the firm paid the criminals. Shares of Robinhood fell 3% to $36.84 in extended trading at 5:30 pm in New York.
The attack pivoted on a phone call with a Robinhood customer service representative, whom the intruder used to gain access to support systems, according to the statement. Robinhood said it contained the breach, notified law enforcement and enlisted security firm Mandiant Inc. to investigate the breach. Mandiant said Robinhood “conducted a thorough investigation to assess the impact” and that his firm expects the intruder to continue to target and extort other organizations over the next several months.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/3702558539639477516
Comments