Jack Dorsey’s Block, the parent company of Cash App, states it is seeking to contact around 8.2M users of its investment services, after a data breach exposed names, brokerage portfolio values, and account numbers.
According to Block’s form 8-K filing to the SEC, Block’s digital wallet Cash App’s investment customer data was taken by a former Block employee. As per the statement, the incident occurred on December 10, 2021.
The filing states, “While this employee had regular access to these reports as part of their past job responsibilities, in this instance these reports were accessed without permission after their employment ended.”
Full name and brokerage account number, brokerage portfolio value, brokerage portfolio holdings, and/or stock trading activity for one trading day were also included in the reports that the ex employee downloaded.
According to Block, no personally identifiable information was taken. User names, passwords, social security numbers, date of birth, and access codes were not harmed. Customers in the United States are the only ones affected by the breach.
Cash App’s investment arm is contacting 8.2M current and former customers to offer them information about the issue and to share resources to answer their inquiries.
The company also stated that it has alerted the appropriate regulatory authorities as well as law enforcement.
“Although the company has not yet completed its investigation of the incident, based on its preliminary assessment and on the information currently known, the company does not currently believe the incident will have a material impact on its business, operations or financial results” the filing noted.
Just two days back plaintiffs filed a case against Ledger & Shopify in the United District Court of Delaware for a massive data breach for failing to protect its users’ identities. The plaintiffs are demanding compensation that covers punitive damages, actual damage, and attorney’s fees and costs.
