The popular trading app Robinhood has just been hit with a major data breach affecting millions of its users.
The company says an unauthorized third party socially engineered a customer support employee while talking on the phone, obtaining access to some customer support systems.
This allowed the unauthorized party to obtain two lists; one contained email addresses for approximately five million people, and the other had full names of approximately two million people.
Robinhood also believes that 310 users had additional personal information compromised, including name, date of birth, and ZIP code. Ten of these individuals had more extensive account information exposed.
[RELATED: How to Spot a Fake Robinhood Email]
Here is part of the official statement from the company:
"Late in the evening of November 3, we experienced a data security incident. An unauthorized third party obtained access to a limited amount of personal information for a portion of our customers. Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident."
Robinhood mentions the unauthorized party did demand a ransom payment, to which the company responded by immediately notifying law enforcement.
Follow the SecureWorld News page for any updates on the incident.