Automated investment platform Betterment has confirmed that hackers broke into some of its systems last week and accessed the personal information of an unknown number of its customers.
In an email sent Monday seen by TechCrunch, Betterment said hackers gained access to some company systems on Jan. 9 through a social engineering attack that involved “third-party platforms” the company uses for marketing and operations.
The company said customer names, email and postal addresses, phone numbers and dates of birth were compromised in the attack.
With this access, the hackers were able to send a fraudulent notification to users, claiming to triple the value of their crypto by sending $10,000 to a wallet controlled by the attacker, according to The Verge.
Improvement, which allows customers to invest in crypto, too issued a statement about the breach on its website, but did not disclose how many customers were targeted, or how many had their personal information accessed, stolen or seen by the hackers.
Betterment added that it detected the attack the same day and “immediately revoked the unauthorized access and launched a comprehensive investigation, which is ongoing,” with the help of an unspecified cybersecurity firm. Betterment also said it has contacted customers targeted by the hackers and “advised them to ignore the message.”
“Our ongoing investigation continued to demonstrate that no customer accounts were accessed and no passwords or other login credentials were compromised,” Betterment wrote in the email.
Techcrunch event
San Francisco
|
13-15 October 2026
Betterment representatives did not immediately respond to a request for comment seeking more details about the attack.
As of publication, Betterment’s security incident website contains a hidden “noindex” tag. in its source code, which tells search engines to ignore the page, making it harder for anyone searching the web to discover information about the data breach.
