Nearly 2,000 Robinhood accounts were infiltrated by hackers who stole money from the popular stock-trading app’s users, a new report says.
The estimate — which the financial startup has not publicly confirmed — came from an internal review of the hacking activity that looted thousands of dollars from Robinhood users in recent weeks, Bloomberg News reported Thursday.
Robinhood said a “limited number” of its customers were targeted because the email address associated with their accounts was compromised outside of the app. The hack did not stem from a breach of the company’s systems, a spokesperson said.
But victims told Bloomberg they found no signs that criminals had gotten into their email accounts, and some said their trading accounts were broken into even though they used “two-factor authentication,” which requires someone logging in to confirm their identity in two ways.
Affected users also complained that Robinhood didn’t have a customer service phone number to field their complaints, the news service reported. Robinhood is reportedly considering setting up such a phone line.
“It’s kind of ridiculous that an investment app that’s handling people’s livelihoods, people’s money, has the audacity to make people wait several weeks to hear back anything,” Robert Riachi, who reportedly had thousands of dollars go missing from his Robinhood account, told Bloomberg.
Robinhood said it has been sending users push notifications with tips on securing their accounts, such as using two-factor authentication and setting strong passwords. The company said it restricts accounts and logs them out when customers report potential fraud.
“We fully understand potential fraudulent or suspicious activity in a financial account can cause concern and we always respond to customers reporting fraudulent or suspicious activity and work as quickly as possible to complete our investigation, resolve any account issues and process any refund,” a Robinhood spokesperson said in a statement.