In an email sent on Monday, which TechCrunch has seen, Betterment said that hackers gained access to some company systems on January 9 by way of a social engineering attack, which involved “third-party platforms” that the company uses for marketing and operations.
The company said customer names, email and postal addresses, phone numbers, and dates of birth were compromised in the attack.
Betterment added that it detected the attack on the same day and “immediately revoked the unauthorized access and launched a comprehensive investigation, which is ongoing,” with the help of an unspecified cybersecurity firm. Betterment also said it has reached out to the customers targeted by the hackers and “advised them to disregard the message.”
“Our ongoing investigation has continued to demonstrate that no customer accounts were accessed and that no passwords or other log-in credentials were compromised,” Betterment wrote in the email.
Representatives for Betterment did not immediately respond to a request for comment asking for more details about the attack.
International