Robinhood recently announced that its widely used app suffered a data breach that exposed the personal information of around seven million users.
The company discovered the incident on the evening of November 3, when an “unauthorized third party” managed to access personal information of their customers.
However, the investment firm said that social security numbers, account numbers, and debit card numbers were not exposed in the breach.
The 7 million customers affected by the data breach were notified by e-mail.
Customer information such as names, email addresses, and other metadata is used by threat actors and cybercriminals for phishing and identity theft campaigns.
Robinhood also said that the company had been threatened by the perpetrators and had tried to extort the payment. Robinhood is now cooperating with law enforcement and engaged the cybersecurity firm Mandiant. It did not explicitly say whether it had paid any amount to the cybercriminals.
For more information, you may view the original story from ZDnet.