Cryptocurrency and Stock trading app, Robinhood reports data breach that puts the safety of users’ cryptocurrencies and stocks at risk.
What to get from this news:
…How the hacker gained access
…Are Your Cryptocurrencies And Stock Safe with this breach?
…Can you lose all your money in crypto and stocks?
…Where is the safest place to keep your cryptocurrency?
…What to do to secure your cryptocurrencies and stocks
…Implications
Meanwhile, the app reports that a hacker hacked into its database and stole email addresses of 5 million users.
The hacker also stole the data bearing full names of another 2 million users.
How the hacker gained access
The hacker gained access into Robinhood database by tricking the company’s customer support employee.
This happened on November 3rd.
The hacker had called Robinhood customer representatives and used social engineering tricks to dupe them.
The hacker tricked them into giving up access to certain customer support systems.
Also, the hacker gained hold of Robinhood’s customers’ dates of birth and the ZIP codes of 310 other customers.
Similarly, the company revealed that the hacker also exposed “more extensive account details,” of 10 customers.
“We also believe that for a more limited number of people —approximately 310 in total— additional personal information, including name, date of birth, and ZIP code, was exposed, with a subset of approximately 10 customers having more extensive account details revealed.”
Are Your Cryptocurrencies And Stock Safe with this breach?
Robinhood says your cryptocurrencies and stocks are safe despite the data breach.
“Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident.”
Meanwhile, the hacker has demanded payment from Robinhood.
But the company has reported to law enforcement agents and cybersecurity expert, Mandiant to investigate the hack.
Can you lose all your money in crypto and stocks?
Although Robinhood said the hacker did not steal users’ Social Security numbers, bank account numbers, or debit card numbers.
It also said that no customer incurred any financial loss as a result of the data breach.
ALSO READ: How To Protect Your Finances From Hackers With FireFox, Google Password Check
This may be so because some digital assets have tight safety potentials, despite some data breaches.
Example, cryptocurrencies run on blockchain technology which make them inherently secure.
However, other digital transactions like stock trading may not be as secure as cryptocurrencies.
Also, digital transactions like online banking, money transfers through digital wallets or peer-to-peer payment services may not be very secure.
Meanwhile, what some hackers need to empty your accounts could just be your email address, your name and date of birth.
This is because, hackers can impersonate your identity and pose as you to steal from your accounts.
Hackers can target phishing emails using just your names and dates of birth to verify your identity.
Therefore, as much as Robinhood says the finances of its customers are safe, it is not without risk possibilities.
So, yes, you can lose all your money in stocks and crypto with such types of data breaches.
Where is the safest place to keep your cryptocurrency?
Hackers have recently targeted investors’ data in order to steal their digital assets like cryptocurrencies and stocks.
Companies have equally reported several breaches. For instance, hackers hacked Twitter in July 2020, stealing users’ data.
A teenage hacker had used same engineering technique to trick Twitter employees.
The hacker subsequently gained access to Twitter’s internal “admin” tool and used accounts to spread fake cryptocurrencies.
With such attack, the teenage hacker stole around $100,000 in cryptocurrency from unsuspecting victims.
Similarly, in August 2021, hackers also attacked T-Mobile and stole millions of data.
The company had confirmed that the hackers stole the data belonging to at least 47 million of its customers.
Consequently, it is important for you to consider the safest place or ways to keep your cryptocurrency.
One way to do that is Cold storage (or offline wallets).
According to Investopedia, Cold storage is one of the safest methods for holding bitcoin.
It said “these wallets are not accessible via the Internet, but hot wallets are still convenient for some users.”
Also, Robinhood’s Chief Security Officer, Caleb Sima said of customers’ safety as follows:
“As a Safety First company, we owe it to our customers to be transparent and act with integrity.”
“Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”
What to do to secure your cryptocurrencies and stocks
Email from Robinhood is warning users to be on guard against phishing attacks that’ll try to impersonate the company in an effort to hijack access to a user’s account.
Also, Robinhood has given tips on how its users can secure their assets against hackers.
“If you are a customer looking for information on how to keep your account secure, please visit Help Center > My Account & Login > Account Security,” the company added. “When in doubt, log in to view messages from Robinhood —we’ll never include a link to access your account in a security alert.”
What the people are saying
Subreddit users have denounced Robinhood, with others wondering how the app still has millions of followers.
One user, The_Count_99 wrote saying “Karma for staying with hood when you knew better.”
Another user, tax_evading_apple expressed surprise that the company still has millions of customers.
But another user replied that Robinhood is “the most popular stock trading app in the USA by far” despite the controversy from earlier this year.
Also, Attorney General William, Tong urged Robinhood users to exercise additional caution following a data breach.
He warned that the hacker may soon use the data he harvested to extract more information and money.
His statement in a blog post reads thus:
“Data breaches, particularly those involving ransom demands, are a ubiquitous modern threat to businesses and consumers.
“The Robinhood hacker will likely now use the email addresses and names they have harvested to send phishing emails to try to extract additional personal information and money.
“Robinhood has indicated that it will not email any security alert containing a link to its users.
“If you receive one, it is a scam and report it immediately.
“As always, carefully review and verify any email before you click on a link or respond.”
Implications
What this implies is that Robinhood users may lose their assets if the company fails to stop the attack.
This could throw millions of users into hardship.
Also, the company may lose trust as a result of the breach.
Found this interesting? Share!