SoFi says hackers got into a database used by SoFi Securities (Hong Kong) Limited through a third-party vendor, potentially exposing customer information. The company said it detected the unauthorized access on April 30, 2026 and is still investigating what data and how many customers were affected. SoFi has not named the vendor, disclosed the attack method, or said whether extortion was involved.
Why it matters: Customers of SoFi Hong Kong could face phishing, fraud, or account-targeting attempts even though the full scope is still unknown. Affected users should be cautious of unsolicited messages, change passwords, enable two-factor authentication where available, and closely monitor financial accounts.
Lawrence Abrams
2026.06.08
100% relevant
This article appears to be the first tracked report confirming SoFi's disclosure of the vendor-related breach at its Hong Kong subsidiary and establishing the core facts of the incident.
← Back to all stories