According to a recent report, the hackers behind the recent data breach of the online trading platform Robinhood had access to system tools that would allow them to remove certain account security features of customers.
Vice News reports that the hackers behind the recent data breach of the online trading platform Robinhood had access to internal tools that allowed them to alter user accounts, including removing two-factor authentication protections and other security features.
Robinhood claims that based on its investigation, the hackers did not make any changes to customer accounts or access user funds.
“The unauthorized party socially engineered a customer support employee by phone and obtained access to certain customer support systems,” Robinhood wrote in the blog post. “At this time, we understand that the unauthorized party obtained a list of email addresses for approximately five million people, and full names for a different group of approximately two million people.”
Vice News has obtained screenshots of the tools that the hackers had access to, which show that they could have logged users out of accounts, added trusted devices, and blocked certain sessions from accessing the Robinhood account. The screenshots further show that the hackers could view sensitive user information including balances and trades.
Robinhood told Vice News in a statement: “Certain authorized Robinhood employees have the ability to update accounts as necessary to provide customer support or service accounts, as is standard at most financial institutions and platforms.” The latest reports show that hackers are offering access to some of the data stolen from Robinhood on underground hacker forums.
Read more at Vice News here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan or contact via secure email at the address firstname.lastname@example.org