Early Prime Day Deals Roe v. Wade Overturned Surface Laptop Go 2 Review 4th of July Sales M2 MacBook Pro Deals Healthy Meal Delivery Best TVs for Every Budget Noise-Canceling Earbuds Dip to $100

Robinhood data breach exposed 7 million customers

The breach happened Nov. 3, leaking the most extensive personal data for about 300 users. However, Robinhood says no financial information was exposed.

Robinhood stock trading
The trading platform is finishing an eventful year with a major data breach.
James Martin/CNET

Stock trading platform Robinhood, perhaps best known for its association with the GameStop rollercoaster earlier this year, announced Monday that it experienced a data breach Nov. 3. The company reported that the incident affected a little more than 7 million customers, with varying amounts of data leaked.

The largest part of the breach leaked email addresses for about 5 million customers, according to the company's press release, with full names being leaked for a separate 2 million customers. That same press release indicated that 310 people may have names, dates of birth and ZIP codes leaked, and "more extensive account details" for roughly 10 customers. No Social Security, bank account or debit card information is believed to have been exposed. The company says it's in the process of contacting the people affected by the breach. 

The data breach is the latest event in a busy year for Robinhood. Back in January, the trading platform played a major part in a coordinated "short squeeze" of GameStop stock, with investors collectively buying the stock to punish hedge funds that had bet on its decline. The resulting trading frenzy drew Congress' attention to Robinhood, including a five-hour hearing about the service Robinhood provides and whether it's ultimately beneficial or harmful for retail investors. The company then filed to go public in July, and the data breach comes barely three months after its initial public offering. 

The incident also continues a trend of major data breaches, following T-Mobile in September and Twitch in October.

Robinhood's statement said that the breach has since been contained, law enforcement has been informed and the party responsible demanded payment in an extortion attempt. Caleb Sima, Robinhood's chief security officer, said in the company's statement, "As a Safety First company, we owe it to our customers to be transparent and act with integrity."