Popular investing app Robinhood said Monday that it suffered a security breach last week where hackers accessed some personal information for roughly 7 million users and demanded a ransom payment.
The online trading platform said that it believes no Social Security numbers, bank account numbers or debit-card numbers were exposed and that customers have seen no financial losses because of the intrusion.
For the vast majority of affected customers, the only information obtained was an email address or a full name. For 310 people, the information taken included their name, date of birth, and ZIP code. Of those, 10 customers had “more extensive account details revealed,” Robinhood said in a statement.
Robinhood said that after it contained the intrusion, “the unauthorized party demanded an extortion payment.” The company said it notified law enforcement and is investigating the incident with the help of the security firm Mandiant.
More than 22 million users have funded accounts at Robinhood, with nearly 19 million actively using theirs during September.
Robinhood shares fell 3.1% in after-hours trading.