[Asia Economy Reporter Cho Hyun-ui] The U.S. online stock trading platform Robinhood has suffered a voice phishing attack, resulting in the personal information of approximately 7 million users being leaked.
On the 8th (local time), Robinhood stated on its blog that "due to a network intrusion incident on the 3rd, the email addresses of about 5 million people and the names of about 2 million people were leaked, and 310 individuals had extensive personal information such as birth dates and addresses compromised," according to reports from the Wall Street Journal (WSJ) and others.
However, social security numbers, bank account numbers, and debit card numbers were not leaked. Robinhood said, "So far, there have been no cases of customers suffering financial damage."
The network intrusion reportedly involved a voice phishing method. The intruder gained access by impersonating someone with authorized access to the system and deceiving employees.
Robinhood stated, "An unauthorized person tricked customer support staff over the phone to gain access to a specific customer support system."
After the hacking was contained, Robinhood reported that there was an extortion attempt, informed investigative authorities, and is conducting an internal investigation with the help of the security firm Mandiant.
The WSJ explained, "Robinhood, which manages accounts worth $224 billion (approximately 264 billion KRW) and assets totaling $95 billion (approximately 112 trillion KRW), is an attractive target for malicious attacks."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
