Block Notifies 8.2M Customers After Breach of Cash App Investing

A former employee improperly accessed reports related to U.S. customer accounts. The reports did not contain personally identifiable information.

AccessTimeIconApr 6, 2022 at 1:44 p.m. UTC
Updated May 9, 2023 at 3:42 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Block (SQ), formerly known as Square, said Monday that a former employee improperly downloaded Cash App Investing reports containing U.S. customer data. The payments company is notifying some 8.2 million current and former customers about the breach, according to a regulatory filing.

  • The employee had regular access to the reports as part of their job, but the Dec. 10 access occurred after their employment had ended.
  • Block said the reports included the customers’ full name and unique brokerage account. Some customers had more data in the report, including portfolio value, holdings and one day’s trading activity.
  • The reports did not include usernames, passwords, Social Security numbers, birth dates, payment card or bank account information, addresses or other personally identifiable information.
  • Block, whose CEO is Jack Dorsey, said the reports also didn’t include security codes, access codes or passwords for Cash App Investing accounts.
  • The company notified the applicable regulatory authorities and law enforcement about the breach.
  • Block hasn’t completed its investigation into the incident, but doesn’t expect it to impact its operations or financial results.
  • “The company takes the security of information belonging to its customers very seriously and continues to review and strengthen administrative and technical safeguards to protect the information of its customers,” Block said in the filing.
  • Block shares fell 3.6% in early trading to $129.86.
  • What Challenges Do Appchains Solve?
    00:59
    What Challenges Do Appchains Solve?
  • Appchain Protocol Tanssi Raises $6M
    18:57
    Appchain Protocol Tanssi Raises $6M
  • Breaking Down Internet Computer's 40% Rally
    00:59
    Breaking Down Internet Computer's 40% Rally
  • HSBC Brings Tokenized Gold to Hong Kong; Munchables Exploited for $62M
    02:14
    HSBC Brings Tokenized Gold to Hong Kong; Munchables Exploited for $62M
  • Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

    Brandy Betz

    Brandy covered crypto-related venture capital deals for CoinDesk.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.


    Read more about