- Enhancement breach affected 1,435,174 people, confirmed by Have I Been Pwned
- The attack stemmed from social engineering against an employee, leading to phishing emails sent via third-party platform access
- CrowdStrike investigation found no accounts or credentials compromised; exposed data limited to contact information and some personal information
We now know exactly how many people were affected by the latest data breach at Betterment – 1,435,174. The number was confirmed by Have I Been Pwned?, a company that collects email addresses stolen in various cyber attacks.
The investment platform revealed that it had been hit in mid-January 2026 and its infrastructure is being used to send phishing emails to customers.
At the time, the company said one of its employees was tricked, through social engineering, into sharing login information for a third-party software platform it uses.
Emails, names and geodata
“This means the individual used impersonation and deception to gain access, rather than compromising our technical infrastructure,” the announcement reads.
Without naming the platform that was abused, Betterment said the attackers used their access to send “fraudulent, crypto-related messages that appeared to come from Betterment.” A “subset” of customers was targeted, and Betterment reached out to warn about the apparent phishing attack.
While the company did not say how many people were targeted in this attack, Have I Been Pwned said it analyzed the stolen files and concluded they contained 1.4 million records, including email addresses, names and geographic location data.
Betterment also said its investigation with CrowdStrike concluded that user accounts were not compromised in the attack.
“Our forensic investigation, supported by cybersecurity firm CrowdStrike, has confirmed that no customer accounts, passwords or login information were compromised as part of the January 9 incident,” the company said.
“Our analysis continues to show that the primary privacy impact involved certain customer contact information, including names and emails. In a subset of cases, contact information was coupled with other customer information, such as physical addresses, phone numbers, or dates of birth.”
Betterment has warned its customers to remain vigilant for potential phishing or social engineering attacks coming their way.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
