SoFi confirms third-party data breach at Hong Kong subsidiary
SoFi has confirmed a data breach involving unauthorized access to a database at a third-party vendor supporting its Hong Kong subsidiary, SoFi Securities (Hong Kong) Limited. The breach was discovered on April 30, 2026, and the investigation is ongoing, with the company not yet knowing the full scope or specific data exposed. SoFi has engaged a third-party cybersecurity firm to respond and has implemented additional safeguards and monitoring. Customers have been advised to remain vigilant for phishing and suspicious activity, update passwords, enable two-factor authentication, and monitor accounts closely. The company has not disclosed the number of affected customers or the identity of the vendor involved. Support contact information has been provided for affected customers.
AI Analysis
Technical Summary
SoFi, a U.S.-based fintech company, confirmed a data breach at its Hong Kong subsidiary due to unauthorized access to a third-party vendor's database. The incident was detected on April 30, 2026, and involves potential exposure of customer information, though the exact data compromised remains unknown. SoFi is actively investigating, working with a cybersecurity firm, and has enhanced security measures on affected accounts. Customers have been warned about phishing risks and advised on protective actions. The company has not disclosed detailed impact metrics or vendor identity.
Potential Impact
The breach potentially exposes customer information held by SoFi Securities (Hong Kong) Limited through a third-party vendor. The exact nature and extent of the data compromised are currently unknown. This situation poses risks of phishing, fraud, and unauthorized account access. SoFi has not reported extortion or confirmed the number of affected customers. The ongoing investigation means the full impact remains to be determined.
Mitigation Recommendations
SoFi has engaged a third-party cybersecurity firm and implemented additional safeguards and monitoring on affected accounts. Customers are advised to update passwords, enable two-factor authentication, monitor accounts for suspicious activity, and avoid interacting with unsolicited communications. SoFi may require additional verification for account changes. No official patch or fix applies as this is a breach involving a third-party vendor. Customers should use the provided Hong Kong support line and email for further assistance.
SoFi confirms third-party data breach at Hong Kong subsidiary
Description
SoFi has confirmed a data breach involving unauthorized access to a database at a third-party vendor supporting its Hong Kong subsidiary, SoFi Securities (Hong Kong) Limited. The breach was discovered on April 30, 2026, and the investigation is ongoing, with the company not yet knowing the full scope or specific data exposed. SoFi has engaged a third-party cybersecurity firm to respond and has implemented additional safeguards and monitoring. Customers have been advised to remain vigilant for phishing and suspicious activity, update passwords, enable two-factor authentication, and monitor accounts closely. The company has not disclosed the number of affected customers or the identity of the vendor involved. Support contact information has been provided for affected customers.
Reddit Discussion
SoFi Hong Kong is warning that it suffered a data breach after hackers gained access to a database at a third-party vendor containing customer information.
The company is a U.S.-based financial technology company that offers banking, investing, loans, and other personal finance services. The company also operates SoFi Hong Kong, which provides investment and securities services to customers in the region.
In emails sent to customers and shared with BleepingComputer, SoFi said it discovered the incident on April 30, 2026, after detecting unauthorized access to a database of SoFi Securities (Hong Kong) Limited via one of its vendors.
After discovering the incident, they engaged with a third-party cybersecurity firm to respond.
The company says its investigation is ongoing and that it still does not know which specific data may have been exposed.
"We do not yet have complete information about the scope and impact of the incident, or whether (and, if so, which categories of) your personal data was involved," reads the email sent to SoFi customers.
"We are actively reviewing the situation and taking extra precautions to keep your account secure."
Email sent to SoFi Hong Kong customers
Source: BleepingComputer
In a statement shared with BleepingComputer, a SoFi spokesperson confirmed the breach but declined to answer additional questions regarding the incident, including how many customers were affected, whether the company was extorted, or the identity of the third-party vendor involved.
While SoFi has not disclosed what information may have been exposed, the company warned customers to remain vigilant for phishing attempts, suspicious communications, and unusual account activity.
The company also advised customers to update passwords, enable two-factor authentication where possible, monitor financial accounts for suspicious activity, and avoid opening links or attachments in unsolicited emails or messages.
SoFi says it has added additional safeguards and monitoring to affected accounts and may request additional verification information from customers who contact support or make account changes.
The company provided a Hong Kong support line (+852 26938888) and email address (hello@sofi.hk) for customers seeking additional information.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
SoFi, a U.S.-based fintech company, confirmed a data breach at its Hong Kong subsidiary due to unauthorized access to a third-party vendor's database. The incident was detected on April 30, 2026, and involves potential exposure of customer information, though the exact data compromised remains unknown. SoFi is actively investigating, working with a cybersecurity firm, and has enhanced security measures on affected accounts. Customers have been warned about phishing risks and advised on protective actions. The company has not disclosed detailed impact metrics or vendor identity.
Potential Impact
The breach potentially exposes customer information held by SoFi Securities (Hong Kong) Limited through a third-party vendor. The exact nature and extent of the data compromised are currently unknown. This situation poses risks of phishing, fraud, and unauthorized account access. SoFi has not reported extortion or confirmed the number of affected customers. The ongoing investigation means the full impact remains to be determined.
Mitigation Recommendations
SoFi has engaged a third-party cybersecurity firm and implemented additional safeguards and monitoring on affected accounts. Customers are advised to update passwords, enable two-factor authentication, monitor accounts for suspicious activity, and avoid interacting with unsolicited communications. SoFi may require additional verification for account changes. No official patch or fix applies as this is a breach involving a third-party vendor. Customers should use the provided Hong Kong support line and email for further assistance.
Technical Details
- Source Type
- Subreddit
- cybersecurity
- Reddit Score
- 0
- Discussion Level
- minimal
- Content Source
- reddit_link_post
- Post Type
- link
- Domain
- null
- Newsworthiness Assessment
- {"score":43,"reasons":["external_link","newsworthy_keywords:data breach,breach","urgent_news_indicators","established_author","very_recent"],"isNewsworthy":true,"foundNewsworthy":["data breach","breach"],"foundNonNewsworthy":[]}
- Has External Source
- false
- Trusted Domain
- false
Threat ID: 6a273fb1e29bf47b50af36a5
Added to database: 6/8/2026, 10:18:25 PM
Last enriched: 6/8/2026, 10:18:30 PM
Last updated: 6/9/2026, 4:37:43 AM
Views: 13
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.