FBI Hacker Offers Robinhood Customer Data for Sale - Security Alert
The hacker behind last week’s Robinhood data breach is now selling the company's customer data on a hacking forum.
Known as ‘pompompurin’, the threat actor - who also claimed responsibility for the recent hack on the FBI's email system - is looking for a minimum offer of “five figures” for the "highly valuable" data, which includes seven million email addresses.
However, the threat actor emphasised that the sensitive data of 310 customers, such as name, date of birth, and zip code, will not be available to purchase “at this current point of time”.
The sensitive data was obtained through SendSafely, a file transfer system used by Robinhood to verify users’ identities when they set up an account. Out of the 310 customers who had had their ID cards stolen by ‘pompompurin’, 10 had more extensive details leaked.
The hacker criticised Robinhood for concealing the fact that the ID cards had been stolen, according to screenshots from the hacking forum obtained by BleepingComputer.
In a blog post published on 8 November, the online trading platform said it was in the process of notifying 310 customers that their personal data had been stolen. However, it didn’t specifically mention the theft of ID cards, despite CSO Caleb Sima’s stating that the company would “be transparent and act with integrity”.
IT Pro has contacted Robinhood for comment.
‘Pompompurin’ made headlines on Monday by claiming responsibility for exploiting the FBI’s systems to send fake cyber security alerts. In an interview with security researcher Brian Krebs, the threat actor said they wanted to draw attention to the security vulnerability in the Law Enforcement Enterprise Portal (LEEP) web app.
‘Pompompurin’ is named after a dog character introduced by the Japanese company Sanrio, which echoes the use of the 'HelloKitty’ alias by the ransomware group responsible for the cyber attack on game developer CD Projekt earlier this year, with the popular cat character also being a product of Sanrio. The stolen data has also since resurfaced on a dark web auction self-described as “charity fundraising”.
-
Leveraging Big Data for Cryptocurrency Analysis: Insights & Trends
Big data has become one of the most valued and used tools by businesses. With the capacity to comprehend large data sets, trends can be unearthed that would have gone unnoticed. These trends are then
-
Big Data Analytics for Cryptocurrency Market Security
While several countries are still unfamiliar with the concept of cryptocurrencies, it is gradually gaining popularity. However, consumers must ensure that a scam artist is not duping them. And to do t
Blockchain
- Understanding Hash Functions: A Comprehensive Guide
- Blockchain Technology: A Comprehensive Explanation
- Child Tax Credit: Impact & Eligibility Explained | [Year]
- Data Security for Remote Workers: Expert Tips & Best Practices
- Global E-commerce Strategies: Expanding Your Business Internationally
- Unlock Growth: 9 Proven Personalization Strategies for Marketing, Sales & Support
- Customer Churn Prevention: Data-Driven Strategies to Reduce Customer Attrition
- Develop a Data-Driven Customer Strategy: A 2024 Guide
- Unlock Value: Effective Customer Data Strategies for B2B
-
Blockchain and the Right to be Forgotten: Navigating Data Privacy Challenges
There’s been a lot of hype about blockchain over the past year. Although best known as the technology that underpins Bitcoin, blockchain is starting to disrupt ...
-
Decentralized Internet: Exploring the Potential of Blockchain
With the Internet becoming a modern-day necessity, there's a growing push to free it from the control of regulatory authorities and monopolistic tech giants. Many netizens are becoming wary of t...