SoFi takes the privacy and security of its members’ financial and personal information very seriously. We maintain industry-standard administrative, technical, and physical safeguards designed to protect your information’s confidentiality and integrity. Our systems and security controls are reviewed by third parties against security standards such as SSAE18 SOC2 and PCI DSS, and rigorous third-party penetration testing is done at least annually.
If there is a suspected password compromise by a 3rd party service, SoFi requires you to reset your password upon your next login. You can only bypass this process 1 time before you will have to reset your password in order to gain access to your account.