2021-11-08 Robinhood Markets, Inc. Cybersecurity Incident

Page last updated on September 23, 2025

Robinhood Markets, Inc. initially disclosed a cybersecurity incident in an SEC 8-K filing on 2021-11-08 16:05:51 EST.

Incident Details

Material: Unknown
Is Breach: Yes
Records Compromised: 7,000,310
Data Types Impacted: Unspecified, Other, Date of Birth, Name, Email

Compromised Date: Unknown
Detected Date: 2021-11-03
Disclosure Date: 2021-11-08
Contained Date: Unknown
Recovered Date: Unknown

Attack Goal: Unknown
Attack Tactics¹: TA0001, TA0009, TA0010
Attack Techniques¹: T1204, T1213, OTHER

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2021-11-08

Robinhood Markets, Inc. filed an 8-K at 2021-11-08 16:05:51 EST
Accession Number: 0001783879-21-000073

Item 7.01 Regulation FD Disclosure.

On November 8, 2021, Robinhood Markets, Inc. published a blog post related to its detection of a data security incident. A copy of that blog post is furnished as Exhibit 99.1 to this Current Report on Form 8-K.

The information furnished with this Item 7.01, including Exhibit 99.1, shall not be deemed "filed" for purposes of Section 18 of the Securities Exchange Act of 1934, as amended (the "Exchange Act"), or otherwise subject to the liabilities of that section, nor shall it be deemed incorporated by reference into any other filing under the Securities Act of 1933, as amended, or the Exchange Act, except as expressly set forth by specific reference in such a filing.

Exhibit No. 99.1

Blog post dated November 8, 2021

Late in the evening of November 3, we experienced a data security incident. An unauthorized third party obtained access to a limited amount of personal information for a portion of our customers. Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident.

The unauthorized party socially engineered a customer support employee by phone and obtained access to certain customer support systems. At this time, we understand that the unauthorized party obtained a list of email addresses for approximately five million people, and full names for a different group of approximately two million people. We also believe that for a more limited number of people-approximately 310 in total-additional personal information, including name, date of birth, and zip code, was exposed, with a subset of approximately 10 customers having more extensive account details revealed. We are in the process of making appropriate disclosures to affected people.

After we contained the intrusion, the unauthorized party demanded an extortion payment. We promptly informed law enforcement and are continuing to investigate the incident with the help of Mandiant, a leading outside security firm.

"As a Safety First company, we owe it to our customers to be transparent and act with integrity," said Robinhood Chief Security Officer Caleb Sima. "Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do."

If you are a customer looking for information on how to keep your account secure, please visit Help Center > My Account & Login > Account Security. When in doubt, log in to view messages from Robinhood-we'll never include a link to access your account in a security alert.

Company Information