Incidents like this are what keep us performing those vexing security trainings year after year.
After an employee was duped into giving a hacker access to internal systems, Robinhood disclosed a data breach that exposed the personal information of about 7 million users.
On Nov. 3, a security breach occurred when an unauthorised person merely dialled the investing app’s customer service number. The caller then duped a Robinhood employee into giving them access to critical user data, resulting in the collection of around 5 million emails and the full identities of almost 2 million more people.
That’s terrible enough, but things become even worse. Around 310 people’s personal information, including their names, dates of birth, and zip codes, was also exposed, according to Robinhood. Ten of these consumers had even more account information published, though Robinhood did not specify what that information was. Fortunately, no Social Security numbers, bank account numbers, or credit card numbers were among the data stolen, according to Robinhood.
You have to admire the ability to manipulate people through social engineering. Most of us would believe that someone with access to private user data wouldn’t contact the customer service number that is visible to the public.
The malicious actor attempted to extort money from Robinhood, but the business refused to share the amount sought or if it had been given. A Robinhood representative told News Media, however, that the firm will continue to need security training for its staff, including social engineering assaults, and that it is “trying to add new security safeguards.”
In a news release, Robinhood also stated that law enforcement has been notified, and security firm Mandiant is investigating the issue. The company is also in the process of notifying users who have been affected by the hack.
“Putting the whole Robinhood community on notice of this occurrence now, following a rigorous assessment, is the appropriate thing to do,” said Robinhood Chief Security Officer Caleb Sima in a blog post.
Unfortunately, there isn’t much you can do to safeguard yourself from such abuses. It’s on you if you give your information to a corporation that is subsequently duped into handing it to a hacker.
Complete your tiresome work-mandated data security training if you want to be part of the solution, and maybe you won’t make the same mistake as this Robinhood employee.
Apart from this, you can read more Entertainment and Tech articles here: Discord RTC connecting, Apex Legends Wallpaper, Twitter Followers, Discord no route, GC Invoker Utility, Galaxy watch 4, How to save GIF from Twitter, Masteranime, Yesbackpage, how to change Kik username, Reach vs Impressions, how to delete apps on Apple Watch, Discord Commands, How to mute Discord on OBS, How to connect Discord to Spotify, Family Man season 2, Happy Season 3, Netflix download limit, how to share Netflix account, MP3Clan, F95Zone, Fallout 4 Anti Crash, how to delete PayPal account.