The infamous trading platform Robinhood has gotten itself into a lot of hot water recently, first with the r/wallstreetbets fiasco over GME and now because of a data breach. This breach involves data from over 7 million users. Despite that, Robinhood claims that no important information has been compromised.
The breach started after a threat actor managed to infect the computer of a customer support agent. It was reported that the hacker convinced employees that he was a customer support agent over the phone. He then managed to gain access to the customer support system of the company. After gaining access, the hacker went on to collect the information of millions of users. This includes 5 million email addresses and another 2 million full names. A small number of users had more sensitive information leaked. Robinhood did not reveal what that information was.
After the breach, the company made a statement. "We believe that no Social Security numbers, bank account numbers or debit card numbers were exposed. We also believe there has been no financial loss to any customers as a result of the incident".
The threat actor
The hacker first demanded an extortion payment from Robinhood. After that didn't go through, the information was posted for sale on dark-net hacking forums. According to a cyber-security analytics firm, the information has been seen offered online for upwards of 10,000 US dollars. The firm also found that the hacker 'pompompurin' was behind the breach. This is the same hacker behind the recent, infamous FBI hack. After gaining access to FBI servers, the threat actor was able to send emails on behalf of the agency.
Robinhood made multiple statements on the breach and promised to increase its security standards. After a diligent review and a community notice on the incident, the chief security officer of the company made a statement. "As a Safety First company, we owe it to our customers to be transparent and act with integrity". This breach also affected the company's shares, which fell slightly.
Cyber-attacks have been skyrocketing over the past two years and still are. We are living in an era where hackers are finding any way possible to exploit anything. Any information that can be used to make money, either by selling it or by using it to directly exploit someone, is harvested like gold. Firms should start taking cyber-security more seriously and should be held accountable for such attacks.