Robinhood, a financial-services company that operates a popular brokerage app, this week announced a data breach that affects about 7 million of its users to varying degrees.
The company issued a statement on the breach Monday, revealing that an “unauthorized party” obtained the email addresses of approximately five million users. The full names of an additional two million users were also exposed.
Hackers obtained further personal details of a smaller group — approximately 310 people – including full names, dates of birth and zip codes, according to Robinhood. Ten individuals had even more “extensive” information exposed.
Robinhood does not believe any of its customers’ funds were lost as a result of the breach.
“Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident,” Robinhood said in its news release.
Robinhood is reaching out to affected customers. An investigation is ongoing.
The hackers, according to Robinhood, had “socially engineered a customer support employee by phone and obtained access to certain customer support systems.” They then demanded an “extortion payment,” the company says.
Robinhood has advised customers with concerns to visit its online help center.