Robinhood Hack Now Includes



The company has now stated that some of the stolen information included thousands of phone numbers.

The list of five million email addresses and full names for a different group of two million people was obtained by the hackers, according to a Tuesday update on the company's website. The company did not say how many phone numbers were on the list.

The source who presented themselves as a proxy for the hackers gave a copy of the phone numbers to the website. In a statement to the outlet, Robinhood did not confirm if the phone numbers that were obtained were authentic but did acknowledge that the stolen information included thousands of phone numbers.

It pointed out that it was analyzing other text entries, which may refer to customer information.

The list also contains other text entries that we are analyzing. We believe that the list did not contain Social Security numbers, bank account numbers, or debit card numbers and that there has been no financial loss to customers as a result of the incident. We will continue to make appropriate disclosures.

On Wednesday, Gizmodo reached out to the company and asked if it had any information on the matter, and we included it here.

The hack on Robinhood was carried out using a social engineering scheme. The hackers tricked a customer support employee over the phone into giving them access to certain customer support systems. The hackers were able to get five million customer email addresses and two million full names.

The company said at that time that the hackers had obtained names, birthdates, and zip codes of more than 300 people. The company did not define what information it included under "extensive."

The hackers demanded an extortion payment after obtaining customer data. The security firm Mandiant was contracted to help investigate the incident.

Since they can be used to obtain even more data about you and compromise your accounts, running off with stolen email addresses and names was already alarming. The phone number is especially risky to lose because it can be used to trick multi-factor security on your phone or send fraudulent messages from your device.

This is just a reminder that we should never use the internet again, and that we should put our phones in a box. Is that not going to happen?