Robo-advisor pioneer Betterment has disclosed a cybersecurity incident after a menace actor used social engineering to breach its methods.
The assault concerned third-party software program platforms that the corporate makes use of for advertising and operations and was not the results of Betterment infrastructure hacking, the funding advisor mentioned.
The menace actor on January 9 despatched a crypto-related message to sure Betterment prospects, impersonating the corporate to trick customers into sending them funds.
The fraudulent message claimed that Betterment would triple contemporary deposits made to Bitcoin and Ethereum cryptocurrency addresses managed by the attacker.
“After the fraudulent message was despatched on January 9, our groups instantly revoked the unauthorized entry and launched a complete investigation, which is ongoing,” Betterment mentioned.
The corporate says it has contacted the affected prospects on to notify them of the rip-off.Commercial. Scroll to proceed studying.
In keeping with Betterment, no buyer accounts have been accessed within the assault, and no passwords or different credentials have been compromised.
In a January 10 discover, the fintech agency defined that no accounts have been compromised even when the affected customers clicked on the hyperlinks within the fraudulent message.
This week, nevertheless, Betterment revealed that the menace actor may need accessed sure buyer data, together with names, addresses, electronic mail addresses, cellphone numbers, and dates of start.
“We encourage all prospects to stay vigilant and to be cautious of surprising communications. Please keep in mind that Betterment won’t ever name, textual content, or electronic mail you with a request to share your password or different delicate private data,” the corporate mentioned.
What Betterment didn’t share was the variety of probably impacted people. SecurityWeek has emailed the corporate for extra data and can replace this text if it responds.
Headquartered in New York Metropolis, Betterment is among the largest robo-advisors within the US, with over 1 million prospects and greater than $65 billion value of belongings underneath administration.
Associated: After Goldman, JPMorgan Discloses Legislation Agency Information Breach
Associated: Instagram Fixes Password Reset Vulnerability Amid Consumer Information Leak
Associated: Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes
Associated: European House Company Confirms Breach After Hacker Gives to Promote Information
