Business
Robinhood stored passwords in plaintext, so change yours now
Investment and stock trading app Robinhood stored some user credentials, including passwords, in plaintext on internal systems, the company revealed today. This particularly dangerous security misstep could have seriously exposed its users, though it says that it has no evidence the data was accessed improperly. Better change your password now.
Sensitive data like passwords and personal information are generally kept encrypted at all times. That way if the worst came to pass and a company’s databases were exposed, all the attacker would get is a bunch of gibberish. Unfortunately it seems that there might have been a few exceptions to that rule.
A number of users, including CNET’s Justin Cauchon, received the following notice from Robinhood in an email:
When you set a password for your Robinhood account, we use an industry-standard process that prevents anyone at our company from reading it. On Monday night, we discovered that some user credentials were stored in a readable format within our internal systems. We wanted to let you know that your password may have been included.
We resolved this issue, and after thorough review, found no evidence that this information was accessed by anyone outside of our response team.
It seems that if it were truly “industry-standard,” then the rest of the industry would also have stored passwords in plaintext. Come to think of it, that would explain a lot, since Google, Facebook, Twitter, and others have all managed to make this same mistake recently.
A Robinhood representative stressed the rapidity of the company’s response to the issue, though they would not comment on how it was first discovered, nor how long the data was stored that way, nor what deviation from these industry norms caused the problem, nor how many users were affected, nor whether answers to these questions would ever be forthcoming. They did offer the following statement:
We swiftly resolved this information logging issue. After a thorough review, we found no evidence that this customer information was accessed by anyone outside of our response team. Out of an abundance of caution, we have notified customers who may have been impacted and encouraged them to reset their passwords. We take our responsibility to customers seriously and place an immense focus on working to ensure their information is secure.
If you got an email, you were among the unlucky few many majority handful some, so change your password. If you didn’t get an email… also change your password. You can never be too careful.
Every Samsung Galaxy Unpacked announcement, including S25 phones
10 Sundance films you should know about now
What drives John Cena? The ‘What Drives You’ host speaks out
‘The Brutalist’ AI backlash, explained
OnePlus 13 review: A great option if you’re sick of the usual flagships
‘Night Call’ review: A bad day on the job makes for a superb action movie
How ‘Grand Theft Hamlet’ evolved from lockdown escape to Shakespearean success
If TikTok is banned in the U.S., this is what it will look like for everyone else
‘One of Them Days’ review: Keke Palmer and SZA are friendship goals
‘Back in Action’ review: Cameron Diaz and Jamie Foxx team up for Gen X action-comedy
What’s new to streaming this week? (Dec. 27, 2024)
2025’s public domain works and how you can use them, from Popeye to ‘The Sound and the Fury’
The greatest ’90s films on Prime Video
How to watch ‘Wicked’ at home: Release date, streaming deals, and more
CES 2025 highlights: 12 new gadgets you can buy already
‘American Primeval’ review: Can Netflix’s grimy Western mini-series greatest ‘Yellowstone’?
Tesla launched the new Model Y in China. Here’s what you need to know
Eight ways Mark Zuckerberg changed Meta ahead of Trump’s inauguration
Meta ditches fact-checking for community notes ahead of second Trump term
Space calendar 2025: Here are the moments you won’t want to miss
Every Samsung Galaxy Unpacked announcement, including S25 phones
10 Sundance films you should know about now
What drives John Cena? The ‘What Drives You’ host speaks out
‘The Brutalist’ AI backlash, explained
OnePlus 13 review: A great option if you’re sick of the usual flagships
‘Night Call’ review: A bad day on the job makes for a superb action movie
How ‘Grand Theft Hamlet’ evolved from lockdown escape to Shakespearean success
If TikTok is banned in the U.S., this is what it will look like for everyone else
‘One of Them Days’ review: Keke Palmer and SZA are friendship goals
‘Back in Action’ review: Cameron Diaz and Jamie Foxx team up for Gen X action-comedy
-
Entertainment7 days agoWhat’s new to streaming this week? (Jan. 17, 2025)
-
Entertainment6 days agoExplainer: Age-verification bills for porn and social media
-
Entertainment6 days agoIf TikTok is banned in the U.S., this is what it will look like for everyone else
-
Entertainment6 days ago‘Night Call’ review: A bad day on the job makes for a superb action movie
-
Entertainment6 days agoHow ‘Grand Theft Hamlet’ evolved from lockdown escape to Shakespearean success
-
Entertainment6 days ago‘September 5’ review: a blinkered, noncommittal thriller about an Olympic hostage crisis
-
Entertainment6 days ago‘Back in Action’ review: Cameron Diaz and Jamie Foxx team up for Gen X action-comedy
-
Entertainment6 days ago‘One of Them Days’ review: Keke Palmer and SZA are friendship goals
