Exploit: Hacking
Robinhood: Financial Services Platform
Financial services platform Robinhood made the news after disclosing a data breach on November 3. The company blamed the security incident on vishing. Threat actors obtained access to the organization’s customer support systems by obtaining systems access over the phone. This is the same technique that proved successful in the 2020 Twitter hack. According to reports, after accessing the data, the cybercriminals then demanded an extortion payment to keep the data safe.
Bleeping Computer reported that two days after Robinhood disclosed the attack, a threat actor named ‘pompompurin’ announced that they were selling the stolen information on of 7 million Robinhood customers’ for at least five figures, which is $10,000 or higher on a hacking forum
Key Takeaway: Stock trading became trendy with meme stocks gaining traction on social media as new investors entered the market quickly and easily through apps like Robinhood. But FinTech and similar sectors also caught the eye of cybercriminals who stepped up their hacking efforts looking for quick scores of cryptocurrency and financial data.