Robinhood, the popular online brokerage company, has been caught stealing millions of email addresses and names from its users. According to a report by The New York Times, Robinhood has been stealing the addresses and names of users for years, likely without their knowledge or consent. The company has not yet commented on the report. The theft is particularly egregious because Robinhood is one of the most popular online brokerages in the United States. It allows users to trade stocks and other securities without having to go through a traditional brokerage company. The Times report says that Robinhood has stolen at least 2 million email addresses and names from its users since 2016. The company is also suspected of stealing identities of others who have used its services.
RELATED: How to Buy and Sell Stocks on Your Smartphone
The actual incident took place on November 3, 2021, and was first reported by the company on November 8, 2021. Robinhood said that hackers “obtained access to a limited amount of personal information.”
Apparently, the person tricked a customer support employee into giving them access to the company’s customer support system, which is how they were able to obtain the personal information for so many Robinhood users.
In total, the malicious individual was able to get a list of email addresses for about five million people and full names for a group of around two million people, bringing the total affected to the previously mentioned seven million. A small number of people, about 310, had their names, dates of birth, and zip codes taken. An even smaller subset of 10 customers had more extensive account details revealed. Robinhood says it is “in the process of making appropriate disclosures to affected people.”
Fortunately, it appears that no Social Security numbers, bank account information, or debit cards were exposed, and there doesn’t appear to have been any financial loss as a result of the hack.
Robinhood has addressed the issue, and the culprit has demanded extortion money in exchange for the information. The company is working with law enforcement to clear up the matter. It is also working with Mandiant, a leading outside security firm, to deal with the problem.
“As a safety first company, we owe it to our customers to be transparent and act with integrity,” Robinhood chief security officer Caleb Sima said on the company’s website. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”
If you’re a Robinhood user, keep a watchful eye on your email address to see if your information was stolen. It’s always a good idea to change your passwords if you were involved in a situation like this, as well.
RELATED: Why Am I Getting Spam From My Own Email Address?