Hackers made off with the data of mns of Robinhood users last week, the digital trading platform said in a blog post on Monday. The data breach did not include users’ banking information and led to no financial losses, Robinhood said. The hackers used social engineering tactics to gain access to the email addresses of 5 mn users and the full names of a separate 2 mn people through a Robinhood customer service employee, according to the app—a scam that we’ve seen deployed increasingly of late.

Meanwhile, the US has brought charges against one Ukranian and one Russian in connection with the Russia-linked REvil ransomware attack earlier this year, in addition to seizing USD 6.1 mn in ransom payments made to one of the alleged attackers, according to a US Justice Department press release. The alleged hackers behind the attacks on US businesses and government entities — including multinational software company Kaseya — are being charged with conspiracy to commit fraud and money laundering, among other counts, which could land them each over a hundred years in prison if found guilty on all charges. Yaroslav Vasinskyi, the 22 year old Ukranian national who is currently in US custody has reportedly received USD 2.3 mn in ransom payments while Russian Yevgeniy Polyanin, who reportedly collected USD 6.1 mn from the attacks remains at large outside the US.

PSA- We’ve been noticing and hearing of more phishing attacks taking place here. We urge you to be careful and really make sure you know what link it is you’re clicking on before you do. We also highly recommend that your tech teams stay vigilant and educate other team members on how to spot phishing attacks and avoid them. It’s the Wild West out there, so, be careful, folks.