Hackers published an offer on the darknet claiming they sell access to thousands of e-mails many of them related to accounts at Robinhood. Previously, Robinhood customers repeatedly complained about hacking of their accounts, but the company preferred not to respond to these complaints in the public field.
Access to more than 10,000 email login credentials allegedly tied to Robinhood accounts were available for sale this week, Bloomberg reports. According to Eli Dominitz, CEO of cybersecurity firm Q6 Cyber, analysts at the firm analyzed the prevalence of this ad on the dark web, with the number of email addresses associated with Robinhood exceeding the number of addresses associated with other brokerage companies, at a ratio of approximately 5 to 1.
“If they feel that Robinhood gives them greater upside than trying to steal money from Bank of America, that’s what they’re going to do,” Dominitz said explaining why Robinhood's client accounts are more likely to be attacked than other brokerages companies.
In recent months, users of the Robinhood app repeatedly complained about hacked accounts and demanded that the company respond to this problem. According to an anonymous source familiar with the situation, Robinhood conducted an internal investigation and found that about 2,000 accounts were compromised as a result of hacked email addresses.
However, in an official answer, Robinhood emphasizes that they are not the only brokers to fall victim to such attacks.
“It is not uncommon for cyber-criminals to target customers of financial-services companies by attempting to use information sourced from the dark web,” Robinhood said in a written response to Bloomberg inquiries. The company added that hacking email is not enough to compromise a brokerage account. Robinhood said it found no signs of a breach in its systems, and also noted that it uses several tools to protect client accounts. Robinhood also encouraged customers to enable two-factor authentication.