Trading platform Robinhood has revealed that several thousand entries in a list obtained by hackers contained phone numbers along with other text entries in a November 3 security breach incident.
The platform said it believes that the list did not contain Social Security numbers, bank account numbers, or debit card numbers and that there has been no financial loss to any customer as a result of the incident.
“We will continue making appropriate disclosures to affected people,” the company said in a blog post.
Earlier this month, Robinhood revealed that the personal information of more than seven million customers had been accessed during a data breach.
An unauthorized third-party socially engineered a customer support employee by phone and obtained access to certain customer support systems of the stock-trading app.
Hackers demanded an extortion payment, and according to Robinhood, it informed law enforcement and was continuing to investigate the incident with the help of cyber security firm Mandiant.
“As a Safety First company, we owe it to our customers to be transparent and act with integrity,” Robinhood Chief Security Officer Caleb Sima said earlier.
“Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do,” Sima added.