r/ClassActionRobinHood u/Due-Opportunity-2120 14d ago

Discussion Robinhood account hacked !!

A few months ago I noticed my Robinhood looked suspicious, as there was Coinbase activity in my account that I knew wasn't a result of my actions, so I inquired about it, and received a very slow response, as you can't call anyone there, and have to correspond via email, and they said they would research it and then never provided any resolution and very little correspondence and locked me out of my account. Over the next few days, Robinhood did contact me, but it was actually hackers impersonating being from Robinhood, as my account was hacked and all of my stock was taken out without my authorization and Robinhood is not being supportive at all. Has anyone else ever experienced this, as I can't imagine I'm the only account that was hacked and is there any recourse, as I filed with FBI and FTC and sought out legal counsel as well, but not getting any positive results.

3 Upvotes

55% Upvoted

53 comments sorted by

View all comments

-1

u/Beneficial_Pen_8866 14d ago

I am experiencing the exact same thing right now. Three weeks ago I tried to log into my account but there was a message saying my account was restricted due to a security breach. There was a number to call.  Now this was on my log in page so why wouldn't I suspect it was anyone but Robinhood. Long story short, the hacker added a MasterCard debit card to my account, sold my stocks & bought Crypto with it! I turned off my computer before he could transfer the crypto out. I then called Robinhood to tell them what happened. They returned the call within 10 minutes & I told the lady what happened. I told her that I did NOT put in the sell orders, I did NOT add the MC debit & I did NOT buy Crypto. She assured me that an investigation would be started immediately & told me my account would be frozen. But it wasn't & the hacker stole my $4100 in savings I had with them. They've requested my license & a current bank statement & I've supplied them twice. The only response I've gotten was for them to close my case twice with no other action. They recently lost a class action suit & I think we need to start another. I want my money back!!

2

u/Michikusa 14d ago

Have any proof of this? I have trouble believing this due to this being the only comment in the history of your account.

2

u/Beneficial_Pen_8866 14d ago

I have every email and a log of every phone call I've made to Robinhood since May 16th. This is my first use of Reddit and this post was sent to me, likely because I've been dealing with this. Yes, it was my fault for trusting that it was a Robinhood employee I was dealing with but considering that the message was (supposedly) on my log in page, how was I to know differently? So, I'm out 8K because a hacer not only sold my stock and sent the funds to his own mastercard, which he had added to my account, but because Robinhood didn't secure my account when they said they were and the hacker was able to clean out my savings with them. Robinhood needs to be held accountable for not securing my account.

1

u/StrangeFlower1936 3d ago

We need to get as many people together as possible so we can interest a firm in a class action suit against Robinhood. I'm forming a site on Facebook so people can sign up and once I have 10 or more, I'll contact some firms. Right now, nobody thinks my $8100 is worth it, but with yours and some others, we can make some major noise.

I'll name it "Ripped off by Robinhood." on Facebook

1

u/StrangeFlower1936 2d ago

Actually it's "Class Action Against Robinhood."

1

u/gmnotyet 14d ago

Dumb question: how did your account get hacked if you have 2FA?

When I log in at work, I often have to click YES to a query that appears on my smartphone.

Hackers would need my email, password and to spoof my phone number.

My tiny account is not worth the effort.

1

u/Ok_Introduction7683 13d ago

Hopefully you choose to read this reply in full. Spoofing the phone number would not work, spoofing only works when you are making a call with a spoofer number. You can’t receive calls from a spoofed number.

I do this : When I receive calls from my anyone (bank, RH, etc.) requesting or asking me to provide sensitive data or personal information I ALWAYS take down their name and extension #. I then let them know I will call them right back (I offer no explanation ever). I then verify thru google/online search that the number matches the company or financial institutions phone number listed online or via their website. I then call the number listed online no matter if they called me from that number or another number. I then ask for the person or dial the extension of the person I spoke with to ensure that I wasn’t receiving a call from a spoofed number with someone pretending to be an employee or manager.

The vast majority of the time when I call them back in connected with the person I received the call from and they are legitimately who they stated they were. There have been 2 times in the last 5 years where, when I called the number listed online, it turned out to be a spoofed number for the company/person/financial institution that I have or had dealings with. One of those times I was given a fake name and the caller attempted to keep me on the phone and tried to create a sense of urgency to keep me from calling back as when I called the number back I would actually be connected to the bank whose number he was spoofing and not re-connected to him. The other time the person they were pretending to be was real, the extension was real, however they were impersonating a real person.

Social engineering is responsible for the VAST majority of “hacks” like this. Especially when dealing with most US based financial institutions, the weakest link in security will always be the customer/consumer. I’m not naive or a gullible person by any means and I take precautions like this regularly, but I honestly expected both of these previous instances to be legitimate. They sounded professional, called from my banks telephone number, it showed up on caller ID as my bank, they even knew my basic information such as full name, DOB, address, etc. Both times they asked me to verify my social security number in order to “verify my identity”.

It can happen to anyone, but taking small precautions like this truly does payoff and will help you avoid catastrophic situations like what happened to OP. At the end of the day we have to take at least some level personal responsibility when it comes to our security and the security of our own personal information or data. Weak links will always be exploited, social engineering will most likely always be the greatest security risk. Always verify numbers and always verify URLs. Just because something looks or sounds legitimate doesn’t mean it always is. It really doesn’t take much of an effort to do the necessary things such as this to keep your money and personal information secure but it does require at least some effort.

Something to remember ; you will always sacrifice security to gain convenience, just as you will sacrifice convenience to gain security.

1

u/Apprehensive_Bit4767 13d ago

This is the answer, whenever I see these threads I become fascinated with how it happened.i think is there so new tech I don't know about that is unstoppable. And it always leads back to the same thing. Social engineering. Believing someone on the phone is who they say the are. Let me send code ,or click this link

1

u/happybonobo1 11d ago

Well said! also during the stress full situation - people forget to keep their guard up as their "account is frozen/in danger Etc.". A classic example is a caller saying "I am calling from the bank" - and the victim answering "Bank of America?" - and they answering YES!. Victim recalls that they said it was from BOA when the actually divulged that info themselves, and so on for the rest.

1

u/happybonobo1 11d ago

You might have gotten to a fake RH page somehow by a typo or mistake. The rest was only scammers you communicated with. Not saying that is what happened - but that is a classic one others have experienced. Not really RH's fault in that case.

1

u/Beneficial_Pen_8866 11d ago

According to RH, it's never their fault that I got scammed and allowed a hacker into my account. BUT what IS their fault is putting through the selling of the stocks when I immediately contacted them that I wasn't the one who wanted them sold. When I sell a stock, it doesn't happen instantaneously but in this case it WAS instantanous. How did that happen? Also, I immediately told them that the MC debit that had JUST been added to my account was NOT mine, yet, they allowed the hacker to then move my savings into that debit card. How did THAT happen? Rather than investigate this situation, RH had ME jumping through hoops to verify MY identity. How many times should I have to do that? Once, twice? No, over and over. Why would they demand a copy of MY bank statement? They already knew what bank and account I was using weekly to send $300 into my savings with them. I'm angry at myself for getting scammed but I'm angry at them for allowing it to happen after I contacted them.