Block, the parent company of the popular mobile payment service Cash App, recently confirmed Cash App suffered a data breach by a former employee. As a result, it notified over 8.2 million current and former U.S. customers.
Previously known as “Square” and now going by Block, the company shared this information with the SEC, although we only have a few details thus far. The data breach took place back in December of 2021, and it looks like the breach included a host of personal information, but specific credentials were unaffected.
The reports suggest that the ex-employee gathered customer names, brokerage account numbers, portfolio information, and even some stock trading activities. Basically, millions of customers’ names were potentially compromised. However, Block states that passwords, usernames, and more sensitive information like Social Security numbers or bank details were not part of the breach.
Block said the person responsible for the Cash App data breach had access to this information for their job responsibility. It should have immediately been terminated when the employee left. Furthermore, Block is aware of how the person accessed the data and instantly took steps to remedy the situation.
Unfortunately, we don’t know how many users actually had their data accessed, but Block did confirm it has reached out to over 8.2 million customers over the situation. The data breach only affects those in the United States.
Either way, we suggest that all Cash App users take precautions, and just to be safe, update their passwords as soon as possible. If you’re not using a password manager yet, now would be a good time to start.
via Tech Radar