Hackers breached the systems of Betterment that exposed data tied to 1.4 million accounts.

The fintech company manages roughly $65 billion in assets and is considered a leader in the “robo-advisory” space.

How the Betterment Data Breach Happened

An unauthorized individual used social engineering to access certain Betterment systems. Rather than exploiting a technical flaw, the attacker relied on identity impersonation to break through defenses.

Once inside, they gained entry to third-party software platforms used for marketing and customer communications.

The following types of personal information were exposed:

• Email addresses and full names
• Dates of birth
• Physical addresses and phone numbers
• Device information and geographic location data
• Employers’ locations and job titles

TROYPOINT Tip: Protect your identity and personal info from a data breach by using Aura Identity Theft Protection which is TROYPOINT’s recommended identity theft protection.

Aura Identity Theft Protection Review

After gaining access, the attacker sent fraudulent emails disguised as a Betterment promotion. These messages attempted to lure customers into a cryptocurrency scam. On January 13, the company also experienced outages from a distributed denial-of-service (DDoS) attack.

Betterment’s Response

Betterment says the primary privacy impact involved contact information such as names and email addresses. In some cases, that data was paired with phone numbers, addresses, or birthdates. Betterment plans to publish a post-incident review within 60 days.

If you have an active Betterment account, we suggest doing the following to protect yourself:

• Change your password and turn on two-factor authentication right away
• Watch for suspicious emails referencing Betterment promotions, especially anything tied to cryptocurrency
• Place a fraud alert on your credit file and monitor your financial accounts closely for unauthorized activity.

Final Thoughts

The Betterment data breach is another reminder that no financial platform is immune from attack. Social engineering remains one of the most effective weapons in a hacker’s playbook, and consumers are left dealing with the fallout.

Take your online security seriously and consider identity theft protection to stay ahead of bad actors.

For more details on this story, refer to the official statement from Betterment and the report from BleepingComputer.

We want to know your thoughts. What do you think about this story? Let us know in the comment section below!

Be sure to stay up-to-date with the latest streaming news, reviews, tips, and more by following the TROYPOINT Advisor with updates weekly.