On a popular hacking forum, and marketplace recently data for almost 7 million Robinhood customers was stolen and sold. In this event, the threat actors have abused the network of Robinhood by hacking one of its employees.
The hacker got access to the information of approximately 7 million Robinhood users through the customer support systems of Robinhood, all thanks to the hacked accounts of employees.
Types of data that has been compromised by the hacker are mentioned below:-
In this incident, for not releasing the compromised data, the hacker tried to extort the company. While among threat actors these types of data are particularly popular since they use these data for performing other cyberattacks like phishing attacks.
A threat actor named ‘pompompurin’ has proclaimed that on a popular hacking forum they were selling the data that they have stolen, and pompompurin announced this just after the two days when Robinhood disclosed the attack.
For at least five figures, which is about $10,000 or higher than this, pompompurin was selling the stolen data of the 7 million Robinhood customers, and this statement is stated by the pompompurin itself.
When performing Know Your Customer (KYC) requirements a secure file transfer service known as SendSafely is used by the trading platform, and here the hacker downloaded ID cards from SendSafely.
On the matter of safety, Robinhood Chief Security Officer Caleb Sima stated:-
“As a Safety First company, we owe it to our customers to be transparent and act with integrity. Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”
To keep your account secure Robinhood recommended visiting:-
Moreover, they have also confirmed that in a security alert they never include any link to access your account.
A Romanian man has been sentenced to 20 years in prison for his involvement in…
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical vulnerability…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued eight detailed advisories on vulnerabilities affecting…
A new and advanced ransomware family, dubbed NotLockBit, has emerged as a significant threat in…
Through the use of XLoader and impersonating SharePoint notifications, researchers were able to identify a…
Researchers have identified a rise in malicious activity on the VSCode Marketplace, highlighting the vulnerability…