SoFi takes the privacy and security of its members’ financial and personal information very seriously. We maintain industry-standard administrative, technical, and physical safeguards designed to protect your information’s confidentiality and integrity. Our systems and security controls are reviewed by third parties against security standards such as SSAE18 SOC2 and PCI DSS, and rigorous third-party penetration testing is done at least annually.
If there is a possible password compromise by a 3rd party service, SoFi will send the member an email to inform them. SoFi will recommend resetting the password out of an abundance of caution, but it will not be required.