- The enhancement breach affected 1,435,174 people, confirmed by Have I Been Pwned
- The attack arose from social engineering against an employee, resulting in phishing emails being sent through access to a third-party platform.
- CrowdStrike’s investigation found no compromised accounts or credentials; The data exposed is limited to contact details and certain personal information.
We now know exactly how many people were affected by the recent Betterment data breach: 1,435,174. The figure was confirmed by Have I Been Pwned?, a company that aggregates email addresses stolen in various cyberattacks.
The investment platform revealed that it had been attacked in mid-January 2026 and that its infrastructure was used to send phishing emails to clients.
At the time, the company said one of its employees was tricked, through social engineering, into sharing login credentials for a third-party software platform it uses.
Emails, names and geographic data
“This means that the individual used phishing and deception to gain access, rather than compromising our technical infrastructure,” the notice reads.
Without naming the platform that was abused, Betterment said the attackers used their access to send “fraudulent cryptocurrency-related messages that appeared to come from Betterment.” A “subset” of customers were targeted and Betterment reached out to warn about the obvious phishing attack.
While the company did not say how many people were targeted in this attack, Have I Been Pwned said it analyzed the stolen files and concluded that they contained 1.4 million records, including email addresses, names, and geographic location data.
Betterment also said its investigation with CrowdStrike concluded that no user accounts were compromised in the attack.
“Our forensic investigation, supported by cybersecurity firm CrowdStrike, has confirmed that no customer accounts, passwords, or login information were compromised as part of the January 9 incident,” the company said.
“Our analysis continues to indicate that the primary privacy impact involved certain customer contact information, including names and emails. In a subset of cases, the contact information was combined with other customer information, such as physical addresses, phone numbers, or dates of birth.”
Betterment has warned its customers to remain alert for potential phishing or social engineering attacks coming their way.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
