On Monday, financial services and digital payment company, Block, Inc., filed a report stating that the company had suffered a data breach when a former Cash App employee accessed customer records without permission.
The breach occurred on December 10, 2021, when the former employee accessed and downloaded customer reports within the company's database.
Block, the parent company of Cash App, submitted a filing to the US Securities and Exchange Commission on April 4, publicly acknowledging the breach.
The company did not say how many customers were impacted by the breach, but told TechCrunch that it was contacting 8.2 million current and former users about the incident.
The reports included clients' full names and brokerage account numbers. In addition, some clients had their brokerage portfolio value, holdings, and stock trading activity exposed for one day.
No personally identifiable information beyond names was accessed, according to Block. User names, passwords, Social Security numbers, home addresses, and payment info were unlikely to be exposed.
The company also stated that other Cash App-related products and features outside of the United States were not affected.
Block notes that the company launched an internal investigation immediately after discovering the breach. In addition, the company is seeking the help of appropriate regulatory authorities and law enforcement.
Block, formerly known as Square, is known for its Square Reader platform. However, the company has many other ventures, including Tidal, a music streaming service, Spiral, the company's cryptocurrency branch, and Cash App.
6 Comments
My co-worker discovered two weeks ago that someone was in the process of stealing his identity. Credit cards were attempting to be opened and a change-of-mailing address filled out. He was able to stop it during the initial application process when a bank contacted him directly about some strange email addresses being used to open up credit card accounts in his name.
Couldn’t have happened to a nicer company…