Cash App Notifies 8.2 Million U.S. Customers of Data Breach

Cash Apps is notifying 8.2 million current and former customers in the United States of a data breach caused by a former employee accessing their account information.

Block, Inc. which owns Cash App disclosed that the breach occurred on December 10, F2021 after a former employee downloaded an internal Cash App report while not employed by the company.

The report included the full names of Cash App customers and brokerage account numbers associated with their investment activities at Cash App.

For some clients, additional information was included in the report, such as portfolio values, holdings, and in some cases, trading activity on the trading day.

The data breach does not include more sensitive information such as authentication information, Social Security numbers, or payment information.

This report does not contain usernames, passwords, social security numbers, dates of birth, payment card information, addresses, bank account information, or other personally identifiable information

It also does not contain any security codes, access codes or passwords used to access your Cash App account. Other Cash App products and features (other than equity activity) and customers outside the United States are not affected.

At Cash App, we value your trust and are committed to keeping your information secure. Following our discovery, we took steps to remedy this issue and initiated an investigation with the assistance of a leading forensic firm. We are aware of how these reports were accessed and have notified law enforcement. We are also contacting customers whose data has been affected. In addition, we continue to review and enhance our administrative and technical safeguards to protect information.

Block says it is notifying the 8.2 million customers affected by the breach to provide further information about the incident.

The company also said it has notified regulators and law enforcement about the breach.

Leave a Reply

Your email address will not be published.