Popular online trading brokerage Robinhood recently announced a data breach affecting about 7 million customers.
We’ll take a closer look at what information was compromised and how to know if you were affected.
How the Data Breach Happened
In a blog post, the company said the breach occurred late November 3. An unauthorized party used social engineering with a customer support employee by phone to obtain access to “certain customer support systems.”
The third party obtained a list of email addresses for approximately 5 million people and full names for a different group of around 2 million.
Approximately 310 customers had more information exposed include name, date of birth, and zip code. Ten of those had more extensive account details revealed to the unauthorized user.
The company noted that no Social Security numbers, bank account numbers, or debit card numbers were exposed. No customer suffered any financial loss.
After Robinhood contained the intrusion, the company received a demand for an extortion payment. Along with informing law enforcement, Robinhood said it is investigating the incident with outside security firm Mandiant.
Is Your Information Affected?
Robinhood has emailed anyone who was affected by the breach. The email will also mention what information was exposed.
In the email and in the blog post, the company offered a number of ways to help keep your Robinhood account secure. You can find out more by logging into your account and heading to Help Center > My Account & Login > Account Security.
Other tips include enabling two-factor authentication and logging in to your Robinhood account to view messages. The company says that it will never include a link to access an account in any type of security alert.