According to the screenshots of the tool obtained by Motherboard hackers had access to an internal tool that presented them the option of tampering with user accounts, including Disable MFA that is multi-factor authentication protections, “Add to Trusted Device Email Code Whitelist,” along with information about what devices were logged into the account, and the ACH bank transfers the user had done.
However, according to Robinhood, no changes have yet been made to any user’s account.
Motherboard obtained the screenshots from a source who pretended as a proxy of hackers.
Online stock trading platform Robinhood announced on November 3 that it was hacked last week with more than five million customer email addresses and two million customer names taken, as well as about 10 persons having more specific customer data revealed.
No social security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customer as a consequence of the attack, as per the statements made by the online broker platform.
The company has made no statement on whether or not the users who had more data accessed than others were specifically targeted but it has said that it’s reaching out to those affected. Robinhood also said that the hacker tried to extort it for money but to no avail.