Monday, November 29, 2021

Screenshots reveal what extra information the Robinhood hackers accessed

- Advertisement -
- Advertisement -
- Advertisement -


Screenshots obtained by Motherboard reportedly show the internal Robinhood tools that a hacker used to access “more extensive account details” for some of the trading platform’s accounts. The heavily redacted screenshots show that hackers had access to buttons labeled “Disable MFA” (multi-factor authentication) and “Add to Trusted Device Email Code Whitelist,” along with information about what devices were logged into the account, and the ACH bank transfers the user had done.

Motherboard says it got the screenshots from someone claiming to be affiliated with the hackers and says that Robinhood denied that hackers made any actual changes to any accounts.

One of the screenshots reportedly provided by the Robinhood hackers. Redactions were made by Motherboard.
Image: Motherboard

Although data was accessed for around 7 million people, Robinhood said in its announcement that most of them only had their email addresses or full names obtained. Ten people, however, had “more extensive account details revealed.” Robinhood confirmed the account included in one screenshot Motherboard received showing a customer support conversation was one of those 10. Another screenshot also shows a customer’s account balance, portfolio value, and verified phone number.

Robinhood announced the hack on Monday, saying that someone was able to socially engineer one of its support employees and gain access to some of the company’s customer support tools. These tools gave them access to some user information, though not Social Security, bank, or debit card numbers, according to Robinhood. The company won’t say if the users who had more data accessed than others were specifically targeted, but it has said that it’s reaching out to those affected. Robinhood also said that the hacker tried to extort it for money, but that it didn’t pay.

Robinhood didn’t immediately respond to request for comment from The Verge.



Source link

- Advertisement -

More from the blog

GitHub is down, affecting thousands of developers

Microsoft-owned GitHub is down, affecting thousands or probably tens of millions of developers that depend on its many providers. GitHub began...

The snooze button is the best part of the world’s most hated gadget

Few devices are extra hated than the alarm clock, a tool whose major objective is to rudely rip you from the...