January 14th, 2026 | 12:00 PM ET
Service disruption on January 13
Starting at 9:04 AM ET on Tuesday, January 13, Betterment experienced intermittent outages of our website and mobile app due to a distributed denial-of-service (DDoS) attack. A DDoS attack involves unusually high volumes of internet traffic that can temporarily disrupt access. While some customers may have had difficulty logging in, it did not affect the security of customer accounts or our systems.
We began mitigation efforts immediately, restoring partial access by 10:25 AM ET and full access across all services by 2:40 PM ET. Since then, our systems have been operating normally, and we continue to closely monitor them to ensure ongoing stability.
January 12th, 2026 | 10:00 AM ET
Important security update from Betterment
On January 9, an unauthorized individual gained access to certain Betterment systems through social engineering. This means the individual used identity impersonation and deception to gain access, rather than compromising our technical infrastructure. The unauthorized access involved third-party software platforms that Betterment uses to support our marketing and operations.
Once they gained access, the unauthorized individual was able to send a fraudulent, crypto-related message that appeared to come from Betterment to a subset of our customers. We have contacted those customers directly and advised them to disregard the message.
We take this incident very seriously. After the fraudulent message was sent on January 9, our teams immediately revoked the unauthorized access and launched a comprehensive investigation, which is ongoing. We have also engaged a leading cybersecurity firm to assist with our investigation.
Your Betterment account is protected by multiple layers of security, and our ongoing investigation has continued to demonstrate that no customer accounts were accessed and that no passwords or other log-in credentials were compromised. However, we believe the unauthorized individual did access other customer information, including certain names, email addresses, physical addresses, phone numbers, and birthdates. We will follow up with additional details as soon as we are able to do so.
We encourage all customers to remain vigilant and to be cautious of unexpected communications. Please remember that Betterment will never call, text, or email you with a request to share your password or other sensitive personal information.
We will continue to provide updates here and will publish a post-incident review once our investigation is complete. In parallel, we are reviewing and strengthening our controls and training to further protect against social engineering attempts.
January 10th, 2026 | 3:00 PM ET
Update on unauthorized crypto message
On January 9, an unauthorized individual gained access to certain Betterment systems, which allowed them to represent themselves as Betterment and send a fraudulent crypto offer to some customers. This is not a real offer and should be disregarded. If you clicked on the offer notification, it did not compromise the security of your Betterment account.
Immediately after becoming aware of this incident, we initiated an investigation, which is ongoing. The unauthorized access has been removed, and at this time we have no indication that the unauthorized individual had any access to Betterment customer accounts.
We sincerely apologize for this situation. We are treating this matter with the highest priority and are committed to providing further updates as we have more information. We will also follow up with a post-incident review once the investigation concludes.
January 9th, 2026 | 7:00 PM ET
Important update regarding unauthorized message
Earlier this evening you may have received a message referencing a crypto-related Betterment promotion.
This was an unauthorized message sent via a third-party system we use for marketing and other customer communications. Please note that this is not a real offer and should be disregarded. We apologize for any confusion.