Jack Dorsey's Block has recently confirmed the company experienced a data breach. As per the company's note, a former employee could download reports coming from Cash App, containing customer information of users from the United States.
Block Confirms Cash App was Breached by a Former Employee
Block is the new name for what was previously known as Square, as seen on a Securities and Exchange Commission (SEC) filing that revealed the breach. Block confirmed that reports were accessed on December 10 2021, by an insider.
The filing revealed that while the employee was able to get regular access to the particular breached data as part of the responsibilities of their last job, the data, however, was accessed in certain incidents without permission after their employment was ended.
What Cash App Customer Data was Accessed During the Breach?
According to the story by TechCrunch, no answer was given on why the former Block employee was still able to access the important data. There was also no news given regarding how long they could keep their access despite the end of their employment.
Information accessed includes the full names and brokerage account numbers of their users. Some users also had their brokerage portfolio value accessed along with brokerage portfolio holdings and stock trading activity for the period of a trading day.
Block Declined to Reveal the Number of Affected Customers, but Estimations Say 8.2 Million
As per the report, Block, a San Francisco-based company, declined to reveal how many customers of their Cash App were impacted. Estimations, however, say that an approximation of 8.2 million current and former customers were affected by the incident.
Block assures the public that no other information aside from names was accessed during the incident. This means Social Security numbers, passwords, payment card information, or addresses have been breached.
Cash App Users Outside the United States Remain Safe as Per Filing
The filing states that other products and features of Cash App for customers outside of the United States remained safe. After the incident was discovered four months after the breach, the company has already launched an internal investigation and assures that they have notified law enforcement and the applicable regulatory authorities.
Danika Owsley, a Cash App spokesperson, gave a statement to TechCrunch saying that they value the trust their customers give and are committed to providing security regarding their customers' information.
Read Also: Norton Phishing Scam Uses Personal Info to Steal Money from Victims
Block Spokesperson Says Company Took Needed Steps to Remediate and Launch an Investigation
Owsley noted that when they discovered the issue, they took the needed steps to remediate it and launched an investigation with the help of a leading forensics firm. The spokesperson said they already knew how the reports were accessed, and law enforcement was notified.
The spokesperson also said that they continue to review and strengthen the current administrative and "technical safeguards to protect information."
Related Article: NCSC Cybersecurity Chief Warns Citizens About Using Russian Technology
This article is owned by Tech Times
Written by Urian B.
