Robinhood, a modern trading platform that offers both traditional securities as well as cryptocurrency trading options, has confirmed that a limited number of its customer accounts were targeted by cybercriminals. However, Robinhood clarified that its service platform itself was not compromised.
Hackers reportedly managed to compromise Robinhood customers’ personal email accounts which are outside of the actual stock trading app. The hackers then used allegedly these email addresses to access the victims’ Robinhood accounts.
Although Robinhood’s management didn’t mention exactly how many accounts had been compromised, a report from Bloomberg has revealed that around 2,000 customers may have had their personal information stolen after their accounts were hacked. The news outlet had actually reported that last week there had been some sort of security breach.
Robinhood, which claims more than 13 million users, managed to raise a total of $660 million through its Series G investment round (finalized in September 2020). However, the company was being investigated by the US SEC which had announced plans to fine Robinhood (in early September 2020) for making certain undisclosed deals with outside firms.
The company has stated:
“The security of Robinhood customer accounts is a top priority and something we take very seriously.”
Despite these claims, many social media users had been complaining that they were unable to contact the brokerage, which reportedly doesn’t have a customer service phone number. However, the company might soon be adding a phone number and several tools to help customers in situations where their accounts may have been compromised.
Robinhood also claims that it’s currently working with customers that have been affected by the recent attacks from hackers. The company has also reminded its customers to make sure that they are protecting their accounts by using standard security features such as two-factor authentication or 2FA (even though this added layer of security has also failed on several occasions on a number of online platforms).
A Robinhood representative confirmed that when the company is informed by a customer that their account may have been compromised, it immediately restricts their account. The company also claims that, as part of standard procedures, it begins investigating or looking for instances of unauthorized access.
Robinhood’s security procedures also log users out of all their devices almost as soon as the company is notified about a potential security breach. Like most other online platform providers, Robinhood asks customers to change their passwords if they feel there’s any suspicious activity on their account, the representative noted.