Last updated 1 week ago
In January 2026, Betterment, an automated investment platform, confirmed a data breach resulting from a social engineering attack. The incident exposed 1.4 million unique email addresses along with names and geographic location data. A subset of records also included dates of birth, phone numbers, and physical addresses. Attackers used the compromised data to send fraudulent crypto-related messages to Betterment customers, promising high returns if funds were sent to an attacker-controlled cryptocurrency wallet. Betterment stated that the breach did not provide attackers with access to customer accounts and did not expose passwords or other login credentials.
Social engineering attack
The breach highlights vulnerabilities in social engineering defenses and employee awareness training. Betterment should implement enhanced multi-factor authentication, stricter verification processes for customer communications, and regular security awareness training focused on identifying social engineering tactics. Additionally, implementing data minimization principles could reduce the impact of future breaches by limiting the amount of sensitive customer information stored.