Over 8 million customers affected in Cash App data breach

The breach occurred on December 10, 2021, when the former employee accessed and downloaded customer reports within the company's database.

Block, the parent company of Cash App, submitted a filing to the US Securities and Exchange Commission on April 4, publicly acknowledging the breach.

The company did not say how many customers were impacted by the breach, but told TechCrunch that it was contacting 8.2 million current and former users about the incident.

The reports included clients' full names and brokerage account numbers. In addition, some clients had their brokerage portfolio value, holdings, and stock trading activity exposed for one day.

No personally identifiable information beyond names was accessed, according to Block. User names, passwords, Social Security numbers, home addresses, and payment info were unlikely to be exposed.

The company also stated that other Cash App-related products and features outside of the United States were not affected.

Block notes that the company launched an internal investigation immediately after discovering the breach. In addition, the company is seeking the help of appropriate regulatory authorities and law enforcement.

Block, formerly known as Square, is known for its Square Reader platform. However, the company has many other ventures, including Tidal, a music streaming service, Spiral, the company's cryptocurrency branch, and Cash App.