Earlier this month Robinhood (NASDAQ:HOOD) revealed that data had been stolen from its trading platform. More specifically, a hacker obtained a list of emails for 5 million individuals, full names for around 2 million people, and personal information, including dates of birth, zip codes, and more for approximately 310 individuals. Robinhood shared that it had hired Mondiant to pursue the invaders while promising to keep everyone up to date.
At a later date, Robinhood added that it had determined that several thousand entries in the list contain phone numbers and other text entries that they are “continuing to analyze.”
“We continue to believe that the list did not contain Social Security numbers, bank account numbers, or debit card numbers and that there has been no financial loss to any customers as a result of the incident. We’ll continue making appropriate disclosures to affected people.”
Last week, Bleepingcomputer shared that 7 million email addresses pilfered from Robinhood are now for sale
According to the report:
“Two days after Robinhood disclosed the attack, a threat actor named ‘pompompurin’ announced that they were selling the data on a hacking forum. In a forum post, pompompurin said he was selling 7 million Robinhood customers’ stolen information for at least five figures, which is $10,000 or higher.”
pompompurin did state that the more detailed information on the 31o were not for sale, at least yet.
On November 19th, cybersecurity firm Barracuda shared a post outlining how the hacker used a fairly simple social engineering ploy to dupe unsuspecting Robinhood support personnel.
Meanwhile, shares in Robinhood have been sinking, trading far below its IPO price.