Top investment platform hit in data breach - over 1.4 million Betterment accounts exposed
Betterment user accounts were not compromised
- Betterment breach impacted 1,435,174 individuals, confirmed by Have I Been Pwned
- Attack stemmed from social engineering against an employee, leading to phishing emails sent via third-party platform access
- CrowdStrike investigation found no accounts or credentials compromised; exposed data limited to contact details and some personal information
We now know exactly how many people were affected by the recent data breach at Betterment: 1,435,174. The number was confirmed by Have I Been Pwned, a company that aggregates email addresses stolen in various cyberattacks.
The investment platform revealed it had been hit in mid-January 2026, and that its infrastructure had been used to send out phishing emails to customers.
At the time, the company said one of its employees was tricked, through social engineering, into sharing login credentials for a third-party software platform it uses.
Emails, names, and geo data
“This means the individual used identity impersonation and deception to gain access, rather than compromising our technical infrastructure,” the notification reads.
Without naming the platform that was abused, Betterment said that the attackers used their access to send “fraudulent, crypto-related messages that appeared to come from Betterment.” A “subset” of customers was targeted, and Betterment reached out to warn about the obvious phishing attack.
While the company did not say how many people were targeted in this attack, Have I Been Pwned said it analyzed the stolen files and concluded they contained 1.4 million records, including email addresses, names, and geographic location data.
Betterment also said that its investigation with CrowdStrike concluded that user accounts were not compromised in the attack.
"Our forensic investigation, supported by the cybersecurity firm, CrowdStrike, has confirmed that no customer accounts, passwords, or login information were compromised as part of the January 9 incident," the company said.
"Our analysis continues to indicate that the primary privacy impact involved certain customer contact information, including names and emails. In a subset of cases, contact information was coupled with other customer information, such as physical addresses, phone numbers, or birthdates."
Betterment has warned its customers to remain vigilant against potential phishing or social engineering attacks coming their way.
Via BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.