Automated investment platform Betterment admitted last week that hackers broke into some of its systems and accessed non-public personal information of many of its customers.
In an email sent Monday and seen by TechCrunch, Betterment said hackers gained access to some company systems on Jan. 9 through a social engineering attack that involved a “third-party platform” the company uses for marketing and operations.
The company said its customers' names, email and addresses, phone numbers, and dates of birth were compromised in the attack.
As reported by The Verge, this access allowed the hackers to send fraudulent notifications to users claiming to triple the value of the cryptocurrency by transferring $10,000 to wallets controlled by the attackers.
Betterment, which allows customers to invest in cryptocurrencies, also published an announcement about the breach on its website, but did not say how many customers were targeted or how many personal information was accessed, stolen or viewed by the hackers.
Betterment added that it detected the attack the same day and, with the help of an unspecified cybersecurity firm, “immediately revoked the unauthorized access and began a comprehensive investigation, which is ongoing.” Betterment also said it has contacted customers targeted by the hackers and “advised them to ignore the messages.”
“Our ongoing investigation continues to demonstrate that no customer accounts were accessed and no passwords or other login credentials were compromised,” Betterment said in an email.
tech crunch event
San Francisco | October 13-15, 2026
Representatives for Betterment did not immediately respond to a request for comment seeking further details about the attack.
At the time of publication, Betterment's security incident web page contains a “noindex” tag hidden in its source code that instructs search engines to ignore the page, making it more difficult for people searching the web to discover information about the data breach.