Stocks and cryptocurrency trading app Robinhood on Monday warned users that a hacker talked their way past the trading app’s defenses, stealing millions of user email addresses and more. According to the company, the attacker called the customer support and pretended to be an authorised party and fooled an employee into providing them access to the customer support system. Robinhood said that this hacking technique is called “social engineering."
The hackers are also said to have tried to extort payment from the company. However, Robinhood alerted the police and has warned users about the breach, a blog post says. “We owe it to our customers to be transparent and act with integrity,” Robinhood chief security officer Caleb Sima said in the post. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do." This incident took place on November 3 and the hacker stole about 5 million email addresses of Robinhood users, along with the names of about two million members of the app.
Robinhood said it also appeared that the hacker got hold of names, birth dates, and zip codes associated with 310 users, plus additional account details about some of those people. The company said that it “believes that no Social Security numbers, bank account numbers, or debit card numbers were exposed" and that there has been no financial loss to any customers. he stolen information, however, can be used to fool Robinhood users with mails and communications pretending to be the company.
(With inputs from AFP)