Data stolen from the American company Robinhood, which offers its clients the opportunity to trade stocks and exchange-traded funds, was put up for sale on the darknet.
Let me remind you that Robinhood was compromised in early November 2021. Then it was reported that the hackers hacked into the account of one of the customer service employees, stolen the personal data of millions of users, and then tried to extort a ransom from the company. But instead of paying the ransom, Robinhood notified law enforcement about the incident.
Then hackers managed to gain access to user data, including:
- e-mail addresses of 5,000,000 people;
- real names of 2,000,000 people;
- names, dates of birth and postal codes of approximately 310 users;
- extensive personal data of about 10 users.
A few days after the attack became known, a hacker known as pompompurin put Robinhood’s data up for sale, Bleeping Computer writes . In a posting, pompompurin said it was selling information to Robinhood’s 7 million customers “for five figures,” or at least $ 10,000.
The dump includes the aforementioned email addresses of 5 million people and the full names of 2 million people, but the hacker writes that he will not sell more detailed information about 310 users, for whom, as it turned out, identity cards are also available.
“As we reported on November 8th, we had a data security incident and more personal and account information was disclosed to a subset of approximately 10 clients.
More details about the accounts included ID images for some of these people. Like other financial services companies, we collect and store some customer ID images as part of our mandatory Know Your Customer checks, ”Robinhood told reporters.
Interestingly, pompompurin appears to be linked to a recent attack on the FBI’s mail servers: Last weekend, hackers compromised the FBI’s mail server and used the gained access to send emails that simulated warnings about cyberattacks and data theft.
These messages from the attackers reported that a certain Vinny Troia was responsible for the attacks. Troy is a renowned cybersecurity researcher who leads darknet research at NightLion Security and Shadowbyte. The expert wrote on Twitter that the incident was the work of a man known as pompomourin.
Catch up on more stories here
Follow us on Facebook here