- The enhancement violation affected 1,435,174 people, confirmed by Have I Been Pwned
- The attack originated from social engineering against an employee, leading to the sending of phishing emails via access to a third-party platform.
- The CrowdStrike investigation did not reveal any compromised accounts or logins; exposed data limited to contact details and certain personal information
We now know exactly how many people were affected by the recent data breach at Betterment: 1,435,174. The number was confirmed by Have I Been Pwned?, a company that aggregates email addresses stolen in various cyberattacks.
The investment platform revealed that it was hit in mid-January 2026 and its infrastructure was used to send phishing emails to clients.
At the time, the company said one of its employees was tricked, through social engineering, into sharing login credentials for a third-party software platform it uses.
Emails, names and geographic data
“This means the individual used impersonation and deception to gain access, rather than compromise, our technical infrastructure,” the notification said.
Without naming the platform that was abused, Betterment said the attackers used their access to send “fraudulent crypto-related messages that appeared to come from Betterment.” A “subset” of customers were targeted and Betterment contacted to warn of the obvious phishing attack.
Although the company did not say how many people were targeted in this attack, Have I Been Pwned said it analyzed the stolen files and concluded that they contained 1.4 million records, including email addresses, names and geographic location data.
Betterment also said its investigation with CrowdStrike concluded that user accounts were not compromised in the attack.
“Our forensic investigation, supported by cybersecurity firm CrowdStrike, has confirmed that no customer accounts, passwords or login information were compromised in connection with the January 9 incident,” the company said.
“Our analysis continues to indicate that the primary privacy impact involved certain customer contact information, including names and email addresses. In a subset of cases, contact information was combined with other customer information, such as physical addresses, phone numbers, or dates of birth.”
Betterment warned its customers to remain vigilant for possible phishing or social engineering attacks that could happen to them.
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
