'Hocus Pocus 2' Review Wi-Fi 6 Router With Built-In VPN Sleep Trackers Capital One Claim Deadline Watch Tesla AI Day Student Loan Forgiveness Best Meal Delivery Services Vitamins for Flu Season
Want CNET to notify you of price drops and the latest stories?
No, thank you
Accept

Robinhood data breach exposed 7 million customers

The breach happened Nov. 3, leaking the most extensive personal data for about 300 users. However, Robinhood says no financial information was exposed.

Robinhood stock trading
The trading platform is finishing an eventful year with a major data breach.
James Martin/CNET

Stock trading platform Robinhood, perhaps best known for its association with the GameStop rollercoaster earlier this year, announced Monday that it experienced a data breach Nov. 3. The company reported that the incident affected a little more than 7 million customers, with varying amounts of data leaked.

The largest part of the breach leaked email addresses for about 5 million customers, according to the company's press release, with full names being leaked for a separate 2 million customers. That same press release indicated that 310 people may have names, dates of birth and ZIP codes leaked, and "more extensive account details" for roughly 10 customers. No Social Security, bank account or debit card information is believed to have been exposed. The company says it's in the process of contacting the people affected by the breach. 

The data breach is the latest event in a busy year for Robinhood. Back in January, the trading platform played a major part in a coordinated "short squeeze" of GameStop stock, with investors collectively buying the stock to punish hedge funds that had bet on its decline. The resulting trading frenzy drew Congress' attention to Robinhood, including a five-hour hearing about the service Robinhood provides and whether it's ultimately beneficial or harmful for retail investors. The company then filed to go public in July, and the data breach comes barely three months after its initial public offering. 

The incident also continues a trend of major data breaches, following T-Mobile in September and Twitch in October.

Robinhood's statement said that the breach has since been contained, law enforcement has been informed and the party responsible demanded payment in an extortion attempt. Caleb Sima, Robinhood's chief security officer, said in the company's statement, "As a Safety First company, we owe it to our customers to be transparent and act with integrity."