Stock trading service Robinhood announced that the passwords of a number of users were stored in plaintext, the company is informing impacted ones.

Stock trading service Robinhood admitted to have stored passwords of a number of users in plain text, the company is informing impacted ones via email.

“When you set a password for your Robinhood account, we use an industry-standard process that prevents anyone at our company from reading it. On Monday night, we discovered that some user credentials were stored in a readable format within our internal systems. We wanted to let you know that your Robinhood password may have been included,” reads the email sent by the company to the impacted customers.

At the time it is not clear the number of users that have been impacted by the issue.

Robinhood confirmed to have addressed the issue and the good news for the impacted users is that the financial service hasn’t found evidence that the passwords were accessed by anyone outside its response team.

As a precautionary measure, the company is recommending impacted users to change their passwords.

In the last months, other companies disclosed a similar incident, including Facebook, Google, and Instagram.

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
});
}
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – Robinhood, data leak)

The post Stock trading service Robinhood stored passwords in plaintext for some users appeared first on Security Affairs.