Cash App Notifies 8.2 Million U.S. Customers of Data Breach

What happened

Cash App disclosed a data breach affecting about 8.2 million current and former U.S. customers after a former employee downloaded internal reports containing customer information on Dec. 10, 2021. Parent company Block said it determined the unauthorized access involved Cash App Investing customer data and disclosed the incident in April 2022. The exposed information included brokerage account numbers and, for some customers, brokerage portfolio value, holdings, and stock trading activity for one trading day. The company said usernames, passwords, Social Security numbers, dates of birth, payment card information, bank account information, and other personally identifiable information were not included in the affected reports. 

Who is affected

The direct exposure affected current and former U.S. customers of Cash App Investing. The incident did not involve the broader Cash App peer-to-peer payment user base; it was limited to customers of the investing product whose information appeared in the downloaded reports.

Why CISOs should care

This incident matters because it shows how insider or former-employee access can expose customer financial account information even without an external intrusion. It also highlights the risk created when access to internal reports is not fully cut off after employment ends, particularly in financial services environments where account-level data can still create meaningful customer exposure even if core identity fields are not included. 

3 practical actions

  1. Review offboarding controls: Make sure access to internal reports, data exports, and customer datasets is fully revoked as soon as employment ends.
  2. Treat internal reports as sensitive data stores: Apply monitoring and access restrictions to reporting systems that may contain financial or account-level customer data.
  3. Scope affected customer segments precisely: Separate the impacted product population quickly so communications and remediation focus on the customers actually exposed.
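The first two actions come down to one question a detection team can ask of a reporting system: did anyone whose employment has ended, or who is not on the HR roster at all, read or export customer reports, and did any export look like a full dataset pull? The following is an added example, not code from Cash App or Block; the roster, the pipe-delimited access log, the field layout and the 100,000-row export threshold are all constructed assumptions for illustration.

```python
from dataclasses import dataclass
from datetime import date, datetime

# Constructed HR offboarding roster: identity -> last day of employment
# (None means still employed). Not data from the Cash App incident.
HR_ROSTER = {
    "alice": None,
    "bob": date(2021, 11, 30),
    "carol": date(2021, 12, 15),
}

# Constructed access log from a reporting system, one event per line:
# timestamp|user|action|report|rows_returned
ACCESS_LOG = """\
2021-12-10T09:02:11|alice|VIEW|investing_daily_positions|120
2021-12-10T10:45:03|bob|EXPORT|investing_daily_positions|8200000
2021-12-10T11:12:40|carol|VIEW|investing_daily_positions|50
2021-12-16T08:00:00|carol|EXPORT|brokerage_accounts|410000
2021-12-16T08:05:00|dave|VIEW|brokerage_accounts|10
"""

@dataclass(frozen=True)
class Finding:
    ts: datetime
    user: str
    action: str
    report: str
    reason: str

def parse_events(log):
    """Yield (ts, user, action, report, rows) from the pipe-delimited log."""
    for line in log.splitlines():
        if line.strip():
            ts, user, action, report, rows = line.split("|")
            yield datetime.fromisoformat(ts), user, action, report, int(rows)

def review_report_access(log, roster, export_threshold=100_000):
    """Flag report access that offboarding should have prevented, plus bulk exports.

    Per event: user missing from the HR roster, user's last day earlier than the
    event date, or an EXPORT returning more rows than the threshold (a proxy
    for a full customer-dataset pull). One event can yield two findings.
    """
    findings = []
    for ts, user, action, report, rows in parse_events(log):
        if user not in roster:
            findings.append(Finding(ts, user, action, report, "identity not on HR roster"))
        elif roster[user] is not None and ts.date() > roster[user]:
            findings.append(Finding(ts, user, action, report, f"access after last day {roster[user]}"))
        if action == "EXPORT" and rows > export_threshold:
            findings.append(Finding(ts, user, action, report, f"bulk export of {rows} rows"))
    return findings
```

Running `review_report_access(ACCESS_LOG, HR_ROSTER)` on the sample flags bob twice (post-termination access and a bulk export), carol twice for the export the day after her last day, and dave once for not being on the roster, while alice's active-employee view passes.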
