4,400 phone numbers revealed to have been compromised during the recent Robinhood hack. Robinhood previously revealed that hackers had only been able to access a “limited amount” of their users’ information.
Robinhood Hackers Got Hold of Five Million Emails
In a recent blog update, Robinhood revealed that hackers had obtained a list of five million emails and full names for a group of about two million people. The hackers were also able to obtain “several thousand entries” that had phone numbers.
The company initially did not reveal how many phone numbers were compromised but Motherboard revealed, as seen in an article by Vice, that the number has reached around 4,400. Motherboard was able to obtain a copy of the stolen numbers coming from a source that presented themselves as a proxy for the Robinhood hackers.
Robinhood did Not Confirm the Number of Hacked Phone Numbers
The outlet’s statement revealed that Robinhood did not give confirmation as to whether the numbers obtained by Motherboard were authentic. The company did, however, acknowledge that thousands of phone numbers were included in the stolen information.
According to the story by Gizmodo, they also pointed out that they were analyzing the other “text entries.” Robinhood stated that they continue to believe that the whole list did not contain users’ Social Security numbers, debit card numbers, or bank account numbers.
‘No Financial Loss’ to Any Customer
The company also claimed that so far, there has not been any financial loss to any of the customers as a result of this particular incident. Robinhood said that they will continue to make the appropriate disclosures to those users that were affected.
Gizmodo tried to reach out to Robinhood asking for an update on whether there was any real sensitive personal information obtained by the hackers. The publication was then pointed to the company’s blog regarding the issue.
November 3 Robinhood Hack
The Robinhood hack happened on November 3 and was done through a social engineering scheme, as explained by CISA. The plan involved hackers convincing a customer support employee over the phone that they were given permission to be able to access some customer support systems.
The hackers gained access to about five million customer emails and two million full names of the users. In addition to this, the company said that the hackers had stolen the date of birth and zip code for 310 people.
10 Customers were ‘Extensively’ Breached
There were about ten customers that had their “extensive” account details revealed. The company, however, did not define what information they considered as “extensive.” After stealing the information, the hackers then demanded an extortion payment.
Robinhood got in touch with the authorities and directly contacted Mandiant, a security firm, to help them investigate the whole incident. Motherboard points out that phone numbers are extremely risky since the hackers can use this to trick the multi-factor authentication on users’ phones or possibly send a phishing message to users’ devices.
Source: Urian B., Tech Times