Links on Android Authority may earn us a commission. Learn more.
Former employee stole Cash App customer data
- Block has filed an SEC report detailing a massive, internal breach.
- Data for 8.2 million customers was improperly accessed and downloaded.
Block has filed a report with the Securities and Exchange Commission (SEC), disclosing that a former employee stole Cash App customer data.
Cash App used to be known as Square Cash before Square was reorganized as Block. Cash App now forms one of the main “blocks” comprising the new company. Unfortunately, the company is at the center of a security breach, with an employee accessing and downloading data after their employment was terminated.
The company’s SEC filing described the event:
On April 4, 2022, Block, Inc. (the “Company”) announced that it recently determined that a former employee downloaded certain reports of its subsidiary Cash App Investing LLC (“Cash App Investing”) on December 10, 2021 that contained some U.S. customer information. While this employee had regular access to these reports as part of their past job responsibilities, in this instance these reports were accessed without permission after their employment ended.
The report goes on to say the stolen information included full names and brokerage account numbers, as well as portfolio values, holdings, and a single day’s trading activity for a number of accounts.
Fortunately, the information did not include additional, more sensitive information, such as usernames, passwords, dates of birth, Social Security numbers, bank accounts, addresses, payment information, or other personally identifiable information. The information also did not include other security access information, such as PIN numbers, access codes, or Cash App passwords.
Block has already enrolled the help of a leading forensics investigative firm, as well as the authorities, and is currently notifying 8.2 million former and current customers of the breach.