Security News > 2021 > November > 7 million Robinhood user email addresses for sale on hacker forum
The data for approximately 7 million Robinhood customers stolen in a recent data breach are being sold on a popular hacking forum and marketplace.
Last week, Robinhood disclosed a data breach after one of its employees was hacked, and the threat actor used their account to access the information for approximately 7 million users through customer support systems.
In a forum post, pompompurin said he was selling 7 million Robinhood customers' stolen information for at least five figures, which is $10,000 or higher.
The sold data includes 5 million email addresses, and for another batch of Robinhood customers, 2 million email addresses and their full names.
"As we disclosed on November 8, we experienced a data security incident and a subset of approximately 10 customers had more extensive personal information and account details revealed," Robinhood told BleepingComputer after we contacted them regarding the sale of their data.
These screenshots included an internal help desk system used to lookup Robinhood member information by email address, an internal knowledge base page about a "Project Oliver Twister" initiative designed to protect high-risk customers, and an "Annotations" page showing notes for a particular customer.