Robinhood confirmed on Sunday that its data security was breached in a recent cyber attack on November 3, resulting in the exposure of personal details of millions of customers.

According to the Trading Platform , the attacker has obtained the emails of 5 million Robinhood customers and the full names of another 2 million customers. Additional personal information, including name, date of birth, and zip code, was exposed for a small group of approximately 310 customers.

Furthermore, the platform could not protect ‘more extensive account details’ of another set of around ten customers.

However, the platform stressed that none of the social security numbers, bank account numbers, or debit card numbers were exposed with no financial losses.

“We are in the process of making appropriate disclosures to affected people,” the announcement stated.

A Socially Engineered Attack

Robinhood detailed that the attack was partly socially engineered as the attacker disguised themself as a customer support employee to gain access to certain customer support systems. The attacker demanded a financial amount from the trading platform after the intrusion was contained.

The platform has already reported the breach to law enforcement and is investigating the breach with a third-party security firm, Mandiant.

“As a Safety First company, we owe it to our customers to be transparent and act with integrity,” Robinhood’s Chief Security Officer, Caleb Sima said in a statement. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”

However, this is not the first Cybersecurity breach the platform has endured. Last year, nearly 2,000 brokerage accounts at Robinhood were compromised by an attack that gave hackers the ability to take over users’ trades and funds.

Meanwhile, a group of Robinhood traders is seeking the court’s permission to open a class-action lawsuit against the company for abrupt trading outages that led to potential losses to the traders.

Robinhood confirmed on Sunday that its data security was breached in a recent cyber attack on November 3, resulting in the exposure of personal details of millions of customers.

According to the Trading Platform , the attacker has obtained the emails of 5 million Robinhood customers and the full names of another 2 million customers. Additional personal information, including name, date of birth, and zip code, was exposed for a small group of approximately 310 customers.

Furthermore, the platform could not protect ‘more extensive account details’ of another set of around ten customers.

However, the platform stressed that none of the social security numbers, bank account numbers, or debit card numbers were exposed with no financial losses.

“We are in the process of making appropriate disclosures to affected people,” the announcement stated.

A Socially Engineered Attack

Robinhood detailed that the attack was partly socially engineered as the attacker disguised themself as a customer support employee to gain access to certain customer support systems. The attacker demanded a financial amount from the trading platform after the intrusion was contained.

The platform has already reported the breach to law enforcement and is investigating the breach with a third-party security firm, Mandiant.

“As a Safety First company, we owe it to our customers to be transparent and act with integrity,” Robinhood’s Chief Security Officer, Caleb Sima said in a statement. “Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do.”

However, this is not the first Cybersecurity breach the platform has endured. Last year, nearly 2,000 brokerage accounts at Robinhood were compromised by an attack that gave hackers the ability to take over users’ trades and funds.

Meanwhile, a group of Robinhood traders is seeking the court’s permission to open a class-action lawsuit against the company for abrupt trading outages that led to potential losses to the traders.