Betterment Got Got: The ShinyHunters Voice Phishing Attack

Betterment Got Got: The ShinyHunters Voice Phishing Attack

From dontgetgot by dontgetgot

March 4, 2026 · 14 min · Episode 25

About this episode

This episode details a voice phishing attack on Betterment that led to a significant data breach.

On January 9th, 2026, a Betterment employee got a phone call from IT. The voice was friendly. The request was routine. The login page looked exactly like the one he used every day. Three minutes later, hackers had full access to the systems Betterment uses to communicate with millions of customers, and they used those systems to send a crypto scam from Betterment's own channels. Within two weeks, 1.4 million customer records were dumped on the dark web. This is the story of how ShinyHunters, one of the most active cybercrime groups in the world, used a voice phishing call to breach one of America's biggest investment platforms. No malware. No code exploits. Just a phone call and a push notification. We tell the full story from the employee's perspective and break down what you can do to make sure it doesn't happen to you.

People in this episode

Host: dontgetgot

Topics covered

  • cybersecurity
  • voice phishing
  • data breach
  • investment platforms
  • cybercrime

Keywords

  • Betterment
  • ShinyHunters
  • voice phishing
  • cybercrime
  • data breach
  • crypto scam
  • customer records

Mentioned in this episode

Organizations: Betterment, ShinyHunters

More episodes of dontgetgot

Explore listener stats, chart rankings, contacts and more on the dontgetgot podcast page.