Robinhood, a commission-free, U.S.-based trading app, joins the list of ransomware victims. On November 3, 2021, the trading platform experienced a phishing attack in which a customer support employee fell for the attackers' ruse. As a result, data of millions of customers was exposed and stolen.
Robinhood is a popular trading app in the U.S. due to its friendly user interface and commission-free trading. It allows trading stocks, ETFs, options, or cryptocurrency on its platform. Per Statista, the app’s users grew from half a million in 2014 to 22.5 million in 2021. The app’s net revenue stands at $91 million as of Q2 2021.
Announcing the ransomware incident in a blog, Robinhood revealed, “An unauthorized third-party obtained access to a limited amount of personal information for a portion of our customers. Based on our investigation, the ransomware attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers because of the incident.”
A Robinhood customer support employee was socially engineered over the phone, giving the attacker access to the customer support system. The blog added, “At this time, we understand that the unauthorized party obtained a list of email addresses for approximately five million people and full names for a different group of approximately two million people. We also believe that for a more limited number of people — approximately 310 in total — additional personal information, including name, date of birth, and zip code, was exposed, with a subset of approximately 10 customers having more extensive account details revealed. We are in the process of making appropriate disclosures to affected people.”
The company did not comply with the ransom demand and has engaged Mandiant, a security firm, to investigate the breach.
Robinhood’s Chief Security Officer, Caleb Sima, said, “As a Safety-First company, we owe it to our customers to be transparent and act with integrity. Following a diligent review, putting the entire Robinhood community on notice of this ransomware incident now is the right thing to do.”
Ransomware news is making headlines every week. Once again, the human factor comes into play, with cybercriminals using “human bait” to achieve their goals. Humans continue to be the weak link in the cybersecurity landscape and are responsible for more than 80% of reported security incidents.
As per a survey by Black Hat, 91% of social engineering attacks are launched with a phishing email. It says, “A single human mistake can result in an attacker taking over all of the organization’s infrastructure, no matter what hardware, software, or endpoint security implementation has been done from the defensive team,” and this is exactly what resulted in the Robinhood hack.