SoFi confirms – SoFi says it detected unauthorized access to a database connected to a third-party vendor at its Hong Kong investment unit, after hackers gained entry on April 30, 2026. The company is still investigating what data may have been exposed and is urging customers
For SoFi Hong Kong customers, the warning arrived with a date attached: April 30, 2026.
In emails sent to customers, SoFi disclosed that it discovered an incident after detecting unauthorized access to a database at a third-party vendor. The access targeted information tied to SoFi Securities (Hong Kong) Limited, its Hong Kong unit providing investment and securities services.
SoFi is a U.S.-based financial technology company that offers banking, investing, loans, and other personal finance services. Through SoFi Hong Kong, it serves customers in the region with investment and securities offerings.
The company said it found the unauthorized access on April 30, 2026. After discovering the incident, it engaged a third-party cybersecurity firm to respond.
SoFi’s investigation is still ongoing. and the company says it does not yet know the specific categories of personal data that may have been exposed. In the email sent to customers. the company wrote: “We do not yet have complete information about the scope and impact of the incident. or whether (and. if so. which categories of) your personal data was involved.” The message added: “We are actively reviewing the situation and taking extra precautions to keep your account secure.”.
A SoFi spokesperson confirmed the breach in a statement shared with BleepingComputer, but declined to answer additional questions. The company did not provide details on how many customers were affected, whether it was extorted, or the identity of the third-party vendor involved.
Even without clarity on what was taken, SoFi Hong Kong told customers to respond as if their accounts could be targeted next. It warned people to remain vigilant for phishing attempts, suspicious communications, and unusual account activity.
The company also advised customers to update passwords, enable two-factor authentication where possible, monitor financial accounts for suspicious activity, and avoid opening links or attachments in unsolicited emails or messages.
For accounts potentially impacted, SoFi said it has added additional safeguards and monitoring. It also said it may request additional verification information from customers who contact support or make account changes.
Customers seeking more information were directed to a Hong Kong support line, +852 26938888, and an email address, hello@sofi.hk.
SoFi SoFi Hong Kong data breach third-party vendor cybersecurity incident SoFi Securities (Hong Kong) Limited phishing two-factor authentication customer warning financial technology personal data