Betterment Data Breach

08/01/2026 · 1,435,174 records · moderate risk

0 /100

Gravity Score

Moderate

Calculated based on the types of data exposed (9 categories) and the volume of affected records (1,435,174).

Some incidents cause harm not by stealing passwords, but by giving attackers enough personal context to run convincing scams. When contact details and background info are exposed, fraudulent messages can feel trustworthy and push people into sending money.

Betterment confirmed a breach it attributed to social engineering. Customers were targeted with fake crypto themed outreach promising high returns if funds were transferred to an attacker controlled wallet.

The exposed information included email addresses, names, and location related data. A subset also contained dates of birth, phone numbers, physical addresses, and work related details like employer and job title, which can make impersonation attempts more believable.

Around 1.4 million unique email addresses were involved. Betterment stated that customer accounts were not accessed and no passwords or login credentials were exposed, but the leaked profile data still supports highly targeted fraud attempts.

Exposed data

Dates of birth Device information Email addresses Employers Geographic locations Job titles Names Phone numbers Physical addresses

What to do based on this breach

Ignore and report crypto investment messages that use your name, employer, or city, as these details may be used to tailor scams

Turn on account alerts for your investment and bank accounts to spot suspicious activity quickly

Update your phone number and address only through Betterment’s official channels to reduce the risk of communication being redirected

Request a copy of the personal data held about you and ask for correction or deletion of what is not necessary, in line with GDPR rights

What can we learn from this breach?

The main lesson is that contact details, location data, and employment information can power highly convincing scams even without passwords being stolen. Organisations should train staff against social engineering and tightly control internal access to customer lists. Data minimisation and clear retention policies are also key security and privacy practices.

Was your data exposed?

Check now if your email appears in this breach. It's free, takes 30 seconds and requires no signup.

Check my email

Related breaches

WIRED

07/09/2025 2,364,431 records moderate risk

6 data types in common

Canadian Tire

01/10/2025 38,306,562 records high risk

5 data types in common

← All breaches