Block Notifies 8.2M Customers After Breach of Cash App Investing

A former employee improperly accessed reports related to U.S. customer accounts. The reports did not contain personally identifiable information.

Block (SQ), formerly known as Square, said Monday that a former employee improperly downloaded Cash App Investing reports containing U.S. customer data. The payments company is notifying some 8.2 million current and former customers about the breach, according to a regulatory filing.

• The employee had regular access to the reports as part of their job, but the Dec. 10 access occurred after their employment had ended.

• Block said the reports included the customers’ full name and unique brokerage account. Some customers had more data in the report, including portfolio value, holdings and one day’s trading activity.

• The reports did not include usernames, passwords, Social Security numbers, birth dates, payment card or bank account information, addresses or other personally identifiable information.

Oh my, this kinda sucks! I remember something similar happening with ledger and I think that case included names, emails, addresses.

Not good! Though not as bad as the ledger one. I’m suffering from that, I get dozens of scam/phishing emails every week…not great for a security company.

It’s high time we stopped treating basic personal information as private. I don’t hide my name and date of birth from anyone, and it is my unique identifier in most cases.
Decentralized service ratings, that’s what will really help separate the gold from the garbage