7 million affected by cyberattack on trading app Robinhood

The stock-trading app Robinhood Markets has been hit by a cyberattack that compromised the names and email addresses of 7 million users.

In a statement issued earlier this week, the organization confirmed that a fraudster had breached its systems in a phishing attack.

Robinhood confirmed that a further 310 people had their dates of birth and zip codes stolen, and that 10 customers had additional details stolen.

However, the organization says that no financial records or Social Security information was compromised.

What went wrong?

Robinhood says that it was the victim of a phishing attack, in which a fraudster sends an email purporting to be from a legitimate source in order to obtain the recipient’s login details or to trick them into downloading malware.

The intrusion occurred on November 3, 2021, with the attacker accessing customer support systems and exfiltrating the data.

Robinhood says the attackers requested a ransom for the safe return of the information, although it doesn’t appear to be a ransomware attack. The organization says it rejected the demand and is contacting affected users.

That’s not the end of the threat, however. The attackers may well use the compromised information to launch follow-up attacks on customers directly. Common scams include bogus emails supposedly from the compromised organization asking recipients to change their password for security reasons.

Users should therefore be vigilant if they receive an email from Robinhood in the near future and avoid clicking links or downloading files.

Those who are concerned about their account security should log on to the app directly, as they normally would, rather than via any link they receive.

Why target Robinhood?

Whereas most cyberattacks are indiscriminate – with criminals exploiting weaknesses wherever they can rather than targeting specific organizations – this incident may be an exception.

Robinhood, which is designed for low-volume stock trading, gained huge popularity earlier this year after Reddit users encouraged people to use the app to invest in GameStop.

Their motives were partly personal profit, but the buying was also a coordinated attempt to squeeze the short positions of hedge funds, which would cost those funds money.

However, Robinhood froze trades for GameStop earlier this year, creating a public backlash.

The app said that customers would be allowed to sell their shares but not buy or trade them, because it didn’t have the capital required by regulators to cover the requested trading volume.

Reddit users said the decision harmed small traders and favored hedge funds and institutional investors.

Individuals subsequently took to the Google Play Store and the Apple App Store to flood Robinhood with negative reviews. Google soon intervened to remove tens of thousands of one-star reviews.

There have also been calls for a congressional investigation, and more than 50 class-action lawsuits have been filed against Robinhood.

Although there is no evidence to suggest that the attack against Robinhood was targeted, it demonstrates the extent to which cyberattacks can cause significant reputational damage for organizations.

Incident response with IT Governance USA

If you find yourself facing a cyber security disaster, we are here to help. Our experts can help you understand your cyber risks and the steps you can take to secure your organization.

Contact us today to get started.