Robinhood Markets data breach: 7 million accounts leaked

Robinhood Markets, a popular brokerage firm that recently became publicly traded, was hacked. Data of more than 7 million users is exposed in that breach. Company’s shares price descended 3.5% on the after hours market. The exact data breach took place earlier – on November 3.

What is Robinhood Markets?

Robinhood Markets is a retail brokerage firm that offers access to various markets – stock, cryptocurrency and derivatives – through their own mobile app. Besides the “all-in-one” concept of this company it also has a pretty low deposit requirement, which makes Robinhood very attractive for small investors. The absence of any commissions for trading makes the picture even better.

Bearing on the aforementioned advantages of Robinhood, it is not surprising that it has tons of clients. After the pandemic started, a lot of people decided to try themselves at the stock market, and Robinhood’s popularity started right there. Later, the company was involved in a trading scandal around GameStop shares. It faced several lawsuits for blocking the trading operations of traders who were buying GME.

Robinhood Markets data breach: how did it happen?

The company with such a big number of customers must have the corresponding security mechanisms. They must be especially tough to hack since there is a lot of financial information stored on Robinhood servers. And, as practice shows, they really have their security set up perfectly. The hack that led to unprecedented data leak is related to social engineering.

As the company says in its press release, the access to users’ data was reached through the phone call to the customer support employee. There is no certain information about how crooks got the credentials – through just asking about them or via phishing methods. Nonetheless, up to 7 million accounts are exposed in that data leak.

Robinhood assures that no critical information was compromised. About 5 million accounts got their email addresses leaked, another 2 million had their real names exposed. Only a small group of customers (310 users) got their personal info – zip codes, dates of birth together with names and emails. And 10 clients “having more extensive account details revealed”. What hides under the term “more extensive” – no one knows. The spokesperson says that “we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed.”

Why do hackers attack the brokerage firm?

Just like in the vast majority of other cyber attacks, they did it for money. Robinhood reported about “the extortion payment” which crooks ask for. However, the company did not specify the ransom size, as well as ignored the questions if they paid the sum. If they told the truth about the leaked data, they have nothing to worry about. Such information (emails, names, even zip codes) does not cost a lot. Asking for ransom is just hoping that the company will be afraid of publishing the information about the attack.

Nonetheless, this event is pretty representative of the current cybersecurity state in companies. Even though Robinhood was not hacked in the “classic” way, like Acer Corporation, the knowledge about cybersecurity among the staff remains low. People somewhy trust the person on the other end of the wire, and click the links/tell the credentials doubtlessly. You may establish the best security system in your company, which will be protected from all forms of attacks. But that will have no effect if the reckless support manager will just “open the door” to the crooks.