One expert reminds all that cybercriminals can leverage even a small amount of sensitive personal information to pull off secondary attacks.

On 8 Nov 2021, Robinhood Markets Inc published a blogpost announcing that a third party had obtained access to a limited amount of personal information for a portion of their customers on Wednesday Nov 3.

The breached data includes a list of email addresses for approximately 5m customers, and the full of a different group of approximately 2m customers.

In addition, 310 people had additional personal information, including names, dates of birth and zip code exposed, with a subset of 10 customers having more extensive account details revealed.

According to one cybersecurity expert, financial services companies are a prime target for cybercriminals “because that’s where the money is”—to quote famous bank robber Willie Sutton.

With Robinhood reporting a data breach involving a total of more than 7m customers, Ken Westin, Director, Security Strategy, Cybereason, said: “It appears a limited amount of personal information was compromised. And while the hackers have stolen email addresses and/or full names of 7m people, a smaller group of fewer than 500 customers had personal information stolen. Minimally impacted consumer info can still be leveraged for secondary phishing attacks to gain access to accounts, making it critically important for their customers to be vigilant while regularly checking their accounts for any signs of fraud.”

So far, preliminary investigations point to the breach being the result of social engineering involving a single customer support employee. Westin said this is a reminder that humans are oftentimes the weakest link in the ecosystem: “To reduce risks, companies should have multiple layers of controls in place with restrictions on who can access mission critical data. This can be challenging for financial services companies with employees working remotely from home and customer data and systems becoming more distributed across on-premises, cloud and SaaS infrastructures.”