The data for approximately 7 million Robinhood customers stolen in a recent data breach is being sold on a popular hacking forum and marketplace. Last week, Robinhood disclosed a data breach after one of its employees was hacked and the threat actor used their account to access the information for approximately 7 million users through customer support systems. In addition to stealing the data, Robinhood stated that the hacker attempted to extort the company to prevent the data from being released. Stolen email addresses, especially those for financial services, are particularly popular among threat actors as they can be used in targeted phishing attacks to steal more sensitive data. Two days after Robinhood disclosed the attack, a threat actor named pompompurin announced that they were selling the data on a hacking forum. In a forum post, pompompurin said he was selling 7 million Robinhood customers’ stolen information for at least five figures.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased