Robinhood attack more serious than expected – thousands of phone numbers stolen

At the beginning of the month, Robinhood managers confirmed the hacker attack which targeted the personal data of numerous users of the well-known trading platform . When more than a week has passed since the first official confirmations on the incident, the balance of the activity carried out by the hackers seems to be more serious than expected: would be about 4 were also stolen. 400 Robinhood customer phone numbers – the figure is provided by Motherboard colleagues, the Company generically speaks of several thousand .

This information was not included in the list of stolen data initially provided, which referred to email addresses of approximately 5 million people, full names of 2 million people and personal information (name, date of birth and postcode) of over 300 users – in the case of 10 users the stolen personal data was even more extensive.

In the new note Robinhood reiterates that other sensitive information, such as social security, bank account and debit card numbers are safe , but it is not excluded that the loot of the bad guys is more extensive. The case is not yet closed , in fact, and the Company continues to analyze the samples of the stolen data provided by the hackers themselves.

FBI hackerato, falsi allarmi di cybersicurezza a migliaia di utenti

Mobile 15 Nov nel mirino delle spie USA: il caso dell'attacco hacker del 2016

Mobile 12 Nov

Further updates on the affair will continue to be published on the official website (link in SOURCE) . Robinhood undertakes to promptly notify all users to whom the illicitly disclosed data is attributable. Meanwhile, knowing that so many phone numbers have also been leaked is not encouraging for the victims , which are thus exposed to various cyber threats: from simple spam, to phishing and SIM swapping .

The new discovery on stolen data also worries for other reasons: the platform managers took over a week to communicate it to users and at the basis of the attack there seems to be a human error, that of the employee who fell victim of a proven technique of social engineering (the hacker pretends to be a subject authorized to manage the security systems and manages to obtain access credentials).

Back to top button