Robinhood warned its customers in an email Wednesday that their passwords may have been stored in plaintext. The stock trading service said it discovered the issue on Monday night, when it found “some user credentials” stored in readable formats on its internal systems.
“Your Robinhood password may have been included,” Robinhood said in the email. “We resolved this issue, and after thorough review, found no evidence that this information was accessed by anyone outside of our response team.”
Still, it recommends changing your password.
A Robinhood spokesperson told CNET sister site ZDNet via phone that not all users were impacted, but did not say how many were. Passwords are now being hashed using the Bcrypt algorithm, according to a help page, ZDNet added.
Security on CNET
- Equifax breach: You can now file a claim for your share of the $700M settlement
- John McAfee ‘released from confinement’
- How to become a privacy ninja: Use these journalist tools
- NSA aims to up its cybersecurity game
Now playing:
Watch this:
Inside a password-free future
2:46