Cyber criminals leave some Robinhood users with looted accounts

It took Soraya Bagheri a day to discover that 450 shares of Moderna have been liquidated in her Robinhood account and that $10,000 in withdrawals were pending. But after alerting the web brokerage to what she believed was a theft happening, she received a frustrating email.

The firm wrote it could investigate and respond within “a couple weeks.” Now her money is fully gone.

Ms Bagheri is among five Robinhood customers who recounted similar experience to Bloomberg News, saying they’ve been left in limbo in recent weeks after someone sold their investments and withdrew funds. As the wildly popular app has no emergency contact number, some said they tried in vain to intervene, and then watch helplessly as their money vanished.

“A restricted number of customers appear to have had their Robinhood account targeted by cyber criminals because of their personal email account (whatever is associated with their Robinhood account) being compromised beyond Robinhood,” a spokesman for the company said within an email. “We’re actively working with those impacted to secure their accounts.”

The problem didn’t stem from a breach of Robinhood’s systems, the spokesman said.

Ms Bagheri, a Washington attorney, and three other Robinhood users said they also contacted authorities like the Securities and Exchange Commission and the Financial Industry Regulatory Authority. Two of these customers said they have heard back from an official at the SEC seeking more information.

Finra and the SEC declined to comment.

Robinhood, founded seven years ago and based in Menlo Park, California, has exploded in popularity this year as an incredible number of Americans stuck in the home - including throngs of millennials - turn to make some money during a pandemic that has sent stock prices swinging. But the no-fee brokerage app in addition has attracted consumer complaints, with novice investors confused by the vagaries of commodity and margin loans.

Now, despite the fact that the firm said this season that it has a lot more than doubled its customer-service team, clients complain they’re struggling to get quick help when their funds are disappearing.

“They don’t have a customer service line, which I’m quite shocked about,” Ms Bagheri said.

Pruthvi Rao, a Chicago software engineer, said his account was hit on October 6. His guess on Netflix was liquidated and $2,850 was soon withdrawn. He said he’s sent more than a dozen emails to Robinhood’s customer care address, and that he even tried messaging a few of the brokerage’s executives on LinkedIn.

“I’m in tremendous mental stress now because this is most of my savings,” said Mr Rao, 36, whose account was frozen by Robinhood in response to the fraudulent activity. He said Robinhood contacted him on Friday and unlocked the account after sending several emails late Thursday requesting help.

Mr Rao showed Bloomberg the same emailed response from Robinhood that Bagheri received. “We understand the sensitivity of your situation and you will be escalating the matter to your fraud investigations team,” Robinhood customer service agents wrote them. “Please remember that this process may take a couple weeks, and the team focusing on your case won’t be able to provide regular updates.”

Mr Rao said he previously previously create two-factor authentication to gain access to his account, and Ms Bagheri said she’s certain her Robinhood password is unique from others, including her email. Neither believed that they had been duped by phishing scams or malware. Both said they utilize the same email for Robinhood and other accounts, and that only Robinhood has been affected.

“Unfortunately, it’s a common occurrence that online accounts of value are bought, sold and traded by cyber-criminals,” said Mark Arena, leader of Intel 471, which monitors activities of digital criminals. “This shows the importance of folks practicing common information-security hygiene such as for example not re-using the same password across multiple accounts and enabling two-factor authentication, which Robinhood supports.”

In addition they said Robinhood’s online portal showed their money visited a recipient at Revolut, another popular financial-technology startup. London-based Revolut, that provides a money transfer and exchange app, expanded to the united states this year.

“Revolut has been made alert to the issue and is investigating urgently,” a company spokesman said Friday within an email.

Bill Hurley, who owns a metal-fabrication shop in Windsor, Connecticut, said he received notifications that stock and Bitcoin had been sold from his account on September 21, and that $5,000 was used in Revolut accounts in two transactions. He said he emailed Robinhood for assistance as the transactions were pending but received none.

“They’ve had plenty of time to manage this,” he said.

Mr Hurley, 56, said he reached out to the SEC and heard back from a legal professional for the regulator, who asked for additional information on what had happened.