Critical

Betterment

In January 2026, the automated investment platform Betterment confirmed it had suffered a data breach attributed to a social engineering attack . As part of the incident, Betterment customers received fraudulent crypto-related messages promising high returns if funds were sent to an attacker-control...

Exposed data: Email Addresses Passwords Names Phone Numbers Physical Addresses Dates Of Birth Geographic Locations
Accounts Exposed 1,435,174
1K 100K 10M 1B+

Overview

In January 2026, the automated investment platform Betterment confirmed a significant data breach affecting approximately 1.4 million customers. The incident was the result of a social engineering attack, where employees were manipulated into providing system access. Following the breach, some customers received fraudulent messages promoting fake cryptocurrency investment opportunities designed to steal funds. While Betterment states that customer account access and passwords were not compromised, a substantial amount of personal information was exposed.

What Was Exposed

The breach exposed different tiers of personal data. For all 1.4 million affected individuals, the exposed information includes:

  • Email addresses
  • Full names
  • Geographic location data

For a subset of customers, the following additional sensitive details were also exposed:

  • Dates of birth
  • Phone numbers
  • Physical addresses

Betterment has confirmed that financial account details, Social Security numbers, and passwords were not accessed in this incident.

Potential Impact

The exposure of this personal information creates several serious risks. The combination of your name, email, location, and especially your date of birth and address, gives criminals the key components needed for targeted phishing attacks, identity theft, and fraud. You may receive highly convincing emails or texts (a tactic known as spear-phishing) that reference your personal details to trick you into sending money or revealing more sensitive information. The fraudulent crypto messages sent after the breach are a direct example of this risk. With your physical address and date of birth, criminals could also attempt to apply for credit or services in your name.

Recommendations

If you were a Betterment customer, you should take the following steps immediately:

  1. Change Your Betterment Password: Even though passwords were not exposed in this breach, it is a critical security best practice. Enable two-factor authentication (2FA) on your Betterment account if you have not already done so.
  2. Beware of Targeted Phishing: Be extremely cautious of any emails, texts, or calls that claim to be from Betterment, your bank, or any other service. Do not click on links or provide information. Contact the company directly through their official website or app to verify any communication.
  3. Monitor Financial Accounts: Regularly review your Betterment and linked bank accounts for any unauthorized transactions. Consider setting up account alerts for added security.
  4. Consider a Credit Freeze: Given the exposure of data like your address and date of birth, placing a free credit freeze with the three major bureaus (Equifax, Experian, and TransUnion) is a strong precaution to prevent new accounts from being opened in your name.

How to Check If You’re Affected

The breach has been reported to the free service “Have I Been Pwned.” To check if your email address was included in the Betterment data breach, visit https://haveibeenpwned.com/Breach/Betterment and enter your email address. If you are affected, you should follow the recommendations above. All impacted customers should have also received a direct notification from Betterment.