Skip to main content

Cash App breach impacts millions of U.S. customers

Block, formerly Square, has revealed a security breach impacting up to 8.2 million current and former users of Cash App, its mobile payment and investment service.

The San Francisco-based company said in a recent filing with the U.S. Securities and Exchange Commission that the breach was an inside job allegedly carried out by a former employee.

Recommended Videos

It’s believed that the suspect downloaded stock-related reports from Cash App last December, with the stolen data containing details linked to a number of U.S. customers.

“While this employee had regular access to these reports as part of their past job responsibilities, in this instance these reports were accessed without permission after their employment ended,” Block said in the filing.

The company said the customer information in the reports included full name and brokerage account number and in some cases the brokerage portfolio value, brokerage portfolio holdings, and/or stock trading activity for one trading day.

The reports did not include usernames or passwords, Social Security numbers, date of birth, payment card information, addresses, bank account information, or any other personally identifiable information, Block said.

Security codes, access codes, and passwords used to access Cash App accounts were also not involved in the breach.

Block’s response

In a widely reported statement, Block said that upon discovering the breach, it “took steps to remediate this issue and launched an investigation with the help of a leading forensics firm.”

It continued: “We know how these reports were accessed, and we have notified law enforcement. We are also contacting customers whose data was impacted. In addition, we continue to review and strengthen administrative and technical safeguards to protect information.”

Block describes Cash App as “the easiest way to send, spend, save, and invest your money. It’s the safe, fast, and free mobile banking app.”

Block started life as Square in 2009 to make financial transactions easier. Cash App, with stock trading features, followed four years later. The company was set up by Jim McKelvey and Twitter co-founder and former CEO Jack Dorsey, who continues to lead Block.

Looking for an alternative to Cash App? Digital Trends has you covered.

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Personal data of 69 million Neopets users is now up for sale after a data breach
Person typing on a computer keyboard.

Neopets, an aged website that lets users keep virtual pets and take care of them, just suffered a major data breach. Aside from the personal data of over 69 million users, the hacker was able to obtain the website's source code.

This isn't the first time Neopets has faced a massive leak, but this time around, user data is currently being sold for crypto -- and the leak includes more than just usernames and passwords.

Read more
Gmail app hits 10 billion Play Store downloads, holds 53% of U.S. email market
Close up of various Google app icons including Google, Gmail, and Maps.

Google launched Gmail on April 1, 2004, and in 2022, the service hit a new milestone, with 10 billion downloads on the Google Play Store -- a figure that represents 53% of the U.S. email market. This makes Gmail the fourth app on the Play Store to achieve this landmark; the first three were Google Play Services (a requirement for nearly all Android phones that use Google services), YouTube, and Google Maps.

As of January 11, the Google Play Store shows that Google Chrome and Google Search have also crossed the 10 billion downloads mark. Meanwhile, Google Photos is trailing a little behind, at over 5 billion downloads.

Read more
WhatsApp launches crypto-powered mobile payments in the U.S.
WhatsApp Messenger on an iPhone.

WhatsApp has launched a digital payments pilot in the U.S., allowing a limited number of people to send and receive money with the same ease they would a regular message. This payment feature is powered by the Meta-owned Novi digital wallet service, which uses Pax Dollars (USDP) to facilitate transfers, and they all go through instantly.

Meta launched Novi back in 2020, saying, "With Novi, sending money will be as easy as sending a message. You’ll be able to use Novi as a stand-alone app, as well as in Messenger and WhatsApp. There will be no hidden charges to add, send, receive or withdraw money, and your transfers will arrive instantly. All Novi customers will be verified using government-issued ID, and fraud protections will be built in throughout the app."

Read more