Security News > 2022 > April > Cash App notifies 8.2 million US customers about data breach

Cash App is notifying 8.2 million current and former US customers of a data breach after a former employee accessed their account information.

Block, Inc., the owner of Cash App, disclosed in a Form 8-K SEC filing that the breach occurred on December 10th, 2021, after a former employee downloaded internal Cash App reports while no longer employed at the company.

Block says that the reports included Cash App customers' full names and brokerage account numbers associated with investment activity on Cash App.

As first reported by TechCrunch, the data breach did not include more sensitive information, such as credentials, Social Security numbers, and payment information.

"They also did not include any security code, access code, or password used to access Cash App accounts. Other Cash App products and features and customers outside of the United States were not impacted."

"At Cash App we value customer trust and are committed to the security of customers' information. Upon discovery, we took steps to remediate this issue and launched an investigation with the help of a leading forensics firm. We know how these reports were accessed, and we have notified law enforcement. We are also contacting customers whose data was impacted. In addition, we continue to review and strengthen administrative and technical safeguards to protect information."

News URL

https://www.bleepingcomputer.com/news/security/cash-app-notifies-82-million-us-customers-about-data-breach/