A former employee of Block, formerly known as Square, inappropriately accessed Cash App Investing reports, including U.S. client data, the company said Monday. According to a regulatory statement, the payments business is alerting 8.2 M current and past clients about the hack. According to the company’s SEC filing, on December 10th, an ex-employee copied multiple reports, including client information. Full names, brokerage tab numbers, portfolio value, brokerage portfolio holdings, and inventory trading activity reports were among the data stolen.
Only clients who utilized Cash App’s stock feature may be affected by the hack, according to the lawsuit. While Cash Software began as a peer-to-peer payment app, it now allows clients to purchase stocks and Bitcoin.
Cash App Breach Only Affects US Users
According to the corporation, the hack did not affect any other Cash App functionality than stocks, nor did it affect any clients outside the USA. The reports also didn’t provide security codes, access codes, or passwords for Cash App Investing accounts, according to Block, whose CEO is Jack Dorsey. The violation was reported to the applicable regulatory management and decree enforcement. Block’s investigation into the event is still ongoing, but the company does not expect it to have an impact on its operations or financial performance.
Block has opened an official inquiry into the event and notified authorities. It also intends to send an email to all 8.2 million customers affected by the attack.
According to the petition, as a CashApp employee, the ex-employee had access to client information. However, they had already been gone from the organization for several months when the hack happened. It’s unclear how such sensitive information may still be retrieved by a former employee.