Skip to main content

Cash App discloses security breach impacting over 8 million users

Cash App, the popular peer-to-peer payment platform that also offers crypto and other stock investing features, is disclosing a security breach affecting 8.2 million of its users. Block, formerly Square, disclosed this breach in a filing with the SEC this week.

The company revealed that a former employee retained access to US customer information despite departing the company months earlier. Cash App is one of the most popular apps for iOS and a competitor to Apple’s own Apple cash service.

As reported by TechCrunch, Cash App is notifying around 8.2 million of its users about this breach. Information potentially accessed by the former employee includes full names and brokerage account numbers. In some instances, the employee also accessed “brokerage portfolio value, brokerage portfolio holdings, and stock trading activity for one trading day.”

In the email to affected Cash App users, Block explains that this employee had “regular access to these reports” as part of their job but retained access after employment. The company declined to provide more details when pressed by TechCrunch:

“While this employee had regular access to these reports as part of their past job responsibilities, in this instance these reports were accessed without permission after their employment ended,” the filing reads. Block refused to answer our questions about why a former employee still had access to this data, and for how long they retained access after their employment at the company had ended.

In a statement, Cash App spokesperson Danika Owsley explained that it quickly took steps to solve the issue once it was discovered:

“At Cash App we value customer trust and are committed to the security of customers’ information. Upon discovery, we took steps to remediate this issue and launched an investigation with the help of a leading forensics firm. We know how these reports were accessed, and we have notified law enforcement. In addition, we continue to review and strengthen administrative and technical safeguards to protect information.”

At this point, we’re still waiting on more details on exactly how many customers were impacted, with Block only saying that it is notifying 8.2 million of its users. This means that if you were potentially impacted, you can expect to receive, or might have already received, an email from Cash App.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Chance Miller Chance Miller

Chance is the editor-in-chief of 9to5Mac, overseeing the entire site’s operations. He also hosts the 9to5Mac Daily and 9to5Mac Happy Hour podcasts.

You can send tips, questions, and typos to chance@9to5mac.com.

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications