Betterment customer data leak after January systems breach
Data Leak
Summary
Hide ▲
Show ▼
Betterment suffered a systems breach in January that exposed personal information from about 1.4 million accounts. The stolen dataset included email addresses, names, location data, birthdates, physical addresses, and phone numbers. A later analysis put the exposure at 1,435,174 accounts. The leak matters because it concentrates highly usable identity data tied to a large U.S. robo-advisory customer base.
Related Happenings
7-Eleven hit by network compromise
Incident
First: 19.05.2026 17:16
Last: 19.05.2026 17:16
Sources 1
About this happening:
**7-Eleven** is a **victim-focused breach incident** in which an **unauthorized third party** accessed systems used to store **franchisee documents** on **April 8, 2026**, trigger...
7-Eleven hit by network compromise
IncidentAbout this happening: **7-Eleven** is a **victim-focused breach incident** in which an **unauthorized third party** accessed systems used to store **franchisee documents** on **April 8, 2026**, trigger...
7-Eleven franchisee-docs and Salesforce data leak
Data Leak
First: 18.05.2026 14:25
Last: 18.05.2026 14:25
Sources 1
About this happening:
**7-Eleven** confirmed a **April 8, 2026** intrusion into systems used to store **franchisee documents**, and **ShinyHunters** later claimed the theft of **more than 600,000 Sales...
7-Eleven franchisee-docs and Salesforce data leak
Data LeakAbout this happening: **7-Eleven** confirmed a **April 8, 2026** intrusion into systems used to store **franchisee documents**, and **ShinyHunters** later claimed the theft of **more than 600,000 Sales...
Latest development: 26.05.2026 10:01
Have I Been Pwned analyzed the leaked 7-Eleven data and estimated that the breach exposed personal information for 185,300 people, including names, dates of birth, unique email addresses, phone numbers, and physical addresses. The exposed archive was tied to ShinyHunters' extortion campaign against 7-Eleven and followed the group's leak-site posting after ransom demands were not met.
Zara customer data leak exposing 197,400 people
Data Leak
First: 08.05.2026 13:42
Last: 08.05.2026 13:42
Sources 1
About this happening:
The **Zara** customer-data leak now exposes **197,400 people**, creating privacy and phishing risk across multiple markets. The exposed records include **unique email addresses**,...
Zara customer data leak exposing 197,400 people
Data LeakAbout this happening: The **Zara** customer-data leak now exposes **197,400 people**, creating privacy and phishing risk across multiple markets. The exposed records include **unique email addresses**,...
European Commission hit by cyberattack
Incident
First: 27.03.2026 14:22
Last: 27.03.2026 14:22
Sources 1
About this happening:
The **European Commission** is investigating a **security breach** after a threat actor gained access to its **Amazon cloud infrastructure**. At least **one account** used to mana...
European Commission hit by cyberattack
IncidentAbout this happening: The **European Commission** is investigating a **security breach** after a threat actor gained access to its **Amazon cloud infrastructure**. At least **one account** used to mana...
Latest development: 03.04.2026 09:33
CERT-EU attributes the European Commission cloud breach to TeamPCP, and ShinyHunters published a 90GB archive of documents on a dark web leak site on March 28, exposing names, email addresses, and email content. CERT-EU says the exfiltrated data relates to websites hosted for up to 71 clients of the Europa web hosting service, including 42 internal European Commission clients and at least 29 other Union entities, and no websites were taken offline.
Aura customer data exposed after Aura breach
Data Leak
First: 19.03.2026 00:56
Last: 19.03.2026 00:56
Sources 1
About this happening:
Aura confirmed a **data leak** that exposed nearly **900,000 customer records**, creating privacy and phishing risk for affected customers. The exposed set included **names**, **e...
Aura customer data exposed after Aura breach
Data LeakAbout this happening: Aura confirmed a **data leak** that exposed nearly **900,000 customer records**, creating privacy and phishing risk for affected customers. The exposed set included **names**, **e...
Timeline
-
05.02.2026 13:16 1 articles · 3mo ago
Betterment warns about fraudulent promotion emails
Initial DisclosureBetterment warned that threat actors who gained access to some systems through a social engineering attack sent fraudulent emails disguised as a company promotion, trying to lure targeted customers into a reward scam that claimed to triple cryptocurrency sent to attacker-controlled Bitcoin and Ethereum wallets. The company said the unauthorized access had been removed and that it had no indication the intruder could access Betterment customer accounts.
Show sources
- Data breach at fintech firm Betterment exposes 1.4 million accounts — www.bleepingcomputer.com — 05.02.2026 13:16
-
05.02.2026 13:16 1 articles · 3mo ago
Betterment confirms DDoS attack behind website and mobile app outages
Victim Impact UpdateBetterment confirmed that intermittent website and mobile app outages were caused by a distributed denial-of-service (DDoS) attack after reports that it was being extorted. The company had not yet provided information about the extortion attempt.
Show sources
- Data breach at fintech firm Betterment exposes 1.4 million accounts — www.bleepingcomputer.com — 05.02.2026 13:16
-
05.02.2026 13:16 1 articles · 3mo ago
Betterment forensic review quantifies the data exposure
Technical Analysis UpdateA follow-up forensic investigation conducted with CrowdStrike said no Betterment customer accounts, passwords, or login information were compromised in the January 9 incident, and Betterment said the main privacy impact was customer contact information such as names and emails, with some records also including physical addresses, phone numbers, or birthdates. Have I Been Pwned analyzed the stolen data and said the breach exposed 1,435,174 accounts.
Show sources
- Data breach at fintech firm Betterment exposes 1.4 million accounts — www.bleepingcomputer.com — 05.02.2026 13:16