https://www.vice.com/en_us/article/epxdmn/robinhood-hackers-internal-tool-security-features

The hackers behind the recent breach of customer data from app-based broker Robinhood had access to an internal tool that presented them the option of tampering with user accounts, including removing specific users’ multi-factor authentication protections, according to screenshots of the tool obtained by Motherboard. Robinhood said that based on its investigation, the hackers did not make any changes to any customers’ accounts, however.

The news highlights the potential risks that hackers can pose beyond simply stealing sensitive data. The screenshots of the tool also show buttons for logging a user out of their account, adding a trusted device, and blocking certain sessions from accessing the Robinhood account. The screenshots also show the hackers could view sensitive information on users, such as their balances and trades.