The popular stock trading app Robinhood sent an email to customers warning that some passwords were mistakenly stored in a readable format and that users should change their passwords, according to a report by CNBC.
In the email, which went out on Wednesday (July 24), the company said the passwords were kept internally in a “plaintext” format, which means they weren’t encrypted and could be easily read. Robinhood didn’t say how many people were affected by the mistake.
“On Monday night, we discovered that some user credentials were stored in a readable format within our internal systems,” the email said to a group of customers. “We wanted to let you know that your Robinhood password may have been included.”
A spokesperson told CNBC that the problem was discovered on Monday (July 22) and that it was not the result of a hack or any sort of breach of the company’s security.
“This did not include all Robinhood customers – only people whose passwords were affected received the email,” a Robinhood spokesperson told CNBC on Thursday (July 25). “We decided to over-communicate with our customers and be forthcoming about this, despite the fact that our investigation found no evidence that any of this information was accessed by employees or outside parties.”
Passwords and other personal information is generally protected by encryption, which jumbles the information so it’s not able to be seen by anyone attempting to intercept it. Google recently dealt with a similar issue, where some of its users’ passwords were also stored in plaintext.
At the end of 2018, Robinhood said it had six million users, which jumped up from four million in August. The company attempted to launch a checking account in December, but failed to do so. It said it has plans to launch a cash account soon.
Robinhood offers commission-free trading and has been quite successful in doing so. The company started in 2013 in Menlo Park, California.