fbpx

Robinhood Failure to Protect Customer Information Class Action

Robinhood is a financial services company best known for enabling customers to trade securities on a mobile app. This class action brings suit against a number of Robinhood companies—Robinhood Markets, Inc., Robinhood Crypto, LLC, Robinhood Financial, LLC, and Robinhood Securities, LLC—because of a data breach they experienced. The complaint alleges the companies failed to properly safeguard customers’ personal information.

The Nationwide Class for this action is all individuals in the US who had any of their PII compromised in the Robinhood data breach. Subclasses have been proposed for residents of California, Illinois, New York, Indiana, Utah, South Carolina, and Georgia.

Robinhood’s Privacy Policy notes that it may collect from customers things like dates of birth, Social Security numbers, biometric identifiers, data from government-issued IDs, information on bank accounts and payment cards, income information, account balances, credit history, tax information, and so on.

The company’s website also claims that it uses “a number of industry-standard measures to protect your account and ensure your experience with us is safe and secure.” Even so, the complaint alleges that the company “failed to prioritize data and cyber security by adopting reasonable data and cyber security measures to prevent and detect the unauthorized access to” customer PII.

Hackers entered Robinhood’s systems on the evening of November 3, 2021. The personally identifiable information (PII) they were able to access included names, dates of birth, e-mail addresses, and zip codes, among other things. This potentially included the PII of some 7 million customers. Robinhood announced the data breach a few days later, on November 8, 2021.

The company’s report on the incident claims, “The unauthorized party socially engineered a customer support employee by phone and obtained access to certain customer support systems.”

The complaint comments, “Indeed, it appears that Robinhood did not even implement basic security measures despite Robinhood’s promises that it: (i) would not disclose consumers’ PII; and (ii) would protect consumers’ PII with adequate security measures.”

The PII is now on sale on the dark web. The complaint alleges, “The seller indicated that he was expecting to sell the information for at least ‘five figures,’ and that the information is ‘highly profitable in the right hands.’ As a result, Robinhood’s customers face a lifetime risk of identity theft.”

The complaint alleges that the Federal Trade Commission (FTC) has said that a failure to take reasonable measures to protect confidential consumer data from unauthorized access is an unfair practice that is forbidden by the FTC Act.

Both the FTC and the National Institute of Standards and Technology (NIST) both put out guidance on network security. The complaint alleges that Robinhood did not take proper measures to protect the data in its systems.

Article Type: Lawsuit
Topic: Privacy

Most Recent Case Event

Robinhood Failure to Protect Customer Information Complaint

November 17, 2021

Robinhood is a financial services company best known for enabling customers to trade securities on a mobile app. This class action brings suit against a number of Robinhood companies—Robinhood Markets, Inc., Robinhood Crypto, LLC, Robinhood Financial, LLC, and Robinhood Securities, LLC—because of a data breach they experienced. The complaint alleges the companies failed to properly safeguard customers’ personal information.

Robinhood Failure to Protect Customer Information Complaint

Case Event History

Robinhood Failure to Protect Customer Information Complaint

November 17, 2021

Robinhood is a financial services company best known for enabling customers to trade securities on a mobile app. This class action brings suit against a number of Robinhood companies—Robinhood Markets, Inc., Robinhood Crypto, LLC, Robinhood Financial, LLC, and Robinhood Securities, LLC—because of a data breach they experienced. The complaint alleges the companies failed to properly safeguard customers’ personal information.

Robinhood Failure to Protect Customer Information Complaint
Tags: Exposing Private Information, Exposure to cyber crime, Your Privacy