Robinhood (HOOD) - Get Robinhood Markets, Inc. Class A Report, hit by a data breach earlier this month, admitted that millions of customers’ information was exposed and that a hacker demanded an extortion payment.
The trading platform said in a statement that the Nov. 3 attack allowed the unauthorized party to obtain a list of email addresses for about 5 million people and full names for another group of about 2 million people.
Robinhood stated that no Social Security numbers, bank account numbers or debit cards were exposed and that none of the customers experienced a financial loss.
On Action Alerts PLUS, Chris Versace and Bob Lang say they know when to hold 'em and when to fold 'em. See which gaming stock they've trimmed and why with a free trial subscription to Action Alerts PLUS.
Robinhood is trying to reassure its customers and the public that the breach is under control, but whether you were affected by the breach or not, this incident is a stark reminder of how important it is to protect your personal information and your credit.
The first thing you can do is freeze your credit report. This will prevent a hacker from using your personal information to obtain credit or open accounts in your name. Keep in mind that if you need to apply for new credit you will need to lift the freeze to apply. You will also need to contact each credit reporting agency (Equifax, Experian and Transunion) to freeze each report.
You can also do a short-term fraud alert. This lasts for one year. It is different because instead of a blanket freeze; the creditor has to contact you to verify the request for credit. You only need to contact one credit reporting agency to initiate a fraud alert, it is legally obligated to share your request with the other reporting agencies -- and it’s free.
A third step is engaging a credit monitoring service. This will alert you to potential fraud on your credit report. When Equifax experienced a data breach in 2017, it offered those affected free credit monitoring services for four years. Credit monitoring can alert you to fraud, but it cannot prevent it entirely. You will have to be diligent in monitoring your credit and personal information to avoid fraud.
In a statement, Robinhood admitted that an unauthorized party gained access to Robinhood's customer support systems that gave them the personal information. Once the information was obtained, a demand for payment was made and Robinhood immediately contacted law enforcement.
The company further stated that the unauthorized party posed as a customer support system employee by phone. No further details on how the hack actually happened were provided.
The company is now in the process of making "appropriate disclosures to the affected people" and is continuing to investigate with the help of security firm Mandiant.
Caleb Sima, Robinhood’s chief security officer said, "As a 'safety first' company, we owe it to our customers to be transparent and act with integrity. Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do."
Shares of Robinhood fell $1.28, or 3.4%, Tuesday to end the regular session at $36.70.