Block Reveals Cash App Data Breach by Insider

Block, formerly Square, has revealed a Cash app data breach in which a former employee downloaded unspecified reports relating to its Cash App Investing that contained information about its US customers.

“While this employee had regular access to these reports as part of their previous job responsibilities, in this instance these reports were accessed without permission after their employment ended,” the company disclosed in an April 4 filing with the US. Securities and Exchange Commission. (SEC).

Cash App is marketed by Block as “the simplest way to send money, spend money, save money, and buy cryptocurrency.”

The breach is said to have happened in December 2021, with the downloaded reports containing customers’ complete names, brokerage account numbers, and, in some cases, brokerage portfolio value, brokerage portfolio holdings, and stock trading activity for one trading day.

In the filing, the San Francisco-based business stressed that the reports did not include individually identifiable information such as usernames or passwords, Social Security numbers, dates of birth, payment card information, addresses, or bank account details.

It’s unclear how many users were affected by the cash app data breach, but Block, which said it only recently found the incident, said it’s contacting approximately 8.2 million current and former customers as part of its response efforts.

Get Legit Cash App Money Transfer  Now

What you can achieve with our Cashapp transfer service is unlimited unless you don’t know how to do business or probably spend money.

WHAT DETAILS DO WE NEED FROM YOU TO COMPLETE TRANSACTION?

  • Cashtag $name
  • Cashapp Email
  • Cashapp Account Holder’s Full Name (To help us send with description to the holder)
  • Let us know of any specific instructions you will want us to add to your transfer, but if there are none then we will handle it

However, it is unclear when the breach was discovered and how a former employee of the business was able to access several records containing customer information.

Cash App has had a tumultuous security history, primarily in the area of customer account compromise. Almost all online reviews for Cash App include complaints about account hacking and financial fraud, with some customers posting tweets about their account compromise experiences.

But the prevalence of account compromise attempts isn’t necessarily indicative of security vulnerabilities on the Cash App platform. Since the pandemic began, cybercriminals have been taking advantage of increasing concerns over the security of online funds by, ironically, fooling finance app users into falling for fraudulent account compromise messages leading to credential theft.

While a formal investigation is being conducted, the financial platform stated that it has informed law enforcement and that it “continues to review and strengthen administrative and technical safeguards to protect its customers’ information.”

“The company does not currently believe the incident will have a material impact on its business, operations, or financial results,” Block added.

Block reported $2.6 billion in revenue and $518 million in gross profit during the company’s fourth-quarter results, which grew 18% and 37% year over year, respectively.

Cash App made $10.01 billion in bitcoin revenue and $218 million in bitcoin gross profit in 2021, an increase of 119% and 124% year on year. Cash App processed over 44 million transactions in December, a 22% rise year over year.

Get Legit Cash App Money Transfer  Now

What you can achieve with our Cashapp transfer service is unlimited unless you don’t know how to do business or probably spend money.

WHAT DETAILS DO WE NEED FROM YOU TO COMPLETE TRANSACTION?

  • Cashtag $name
  • Cashapp Email
  • Cashapp Account Holder’s Full Name (To help us send with description to the holder)
  • Let us know of any specific instructions you will want us to add to your transfer, but if there are none then we will handle it

Best Ways to Avoid Similar Cash App Data Breach

The Cash App data breach was made feasible by a lack of critical security controls. By incorporating these controls into your cybersecurity program, your company may be able to escape a similar fate.

1. Restriction of Account Access for Former and Soon-to-Be Former Employees

The Cash App breach could have been avoided if the terminated employee had lost access to their accounts instantly. IT teams should ideally be prepared to immediately disable account access via account management systems following a termination notice, particularly if the employee is likely to resort to retaliatory actions.

Malicious employees are not a new danger to Cash App. According to a Wall Street Journal poll, nearly 70% of businesses are worried about insider threats.

2. Implement a Data Leak Detection Solution

A data leak is an unidentified exposure of confidential information caused by software misconfigurations or data dumps on the dark web, such as the Cash App listings on dark web markets.

Dark web data leaks are the most prevalent and also the most difficult to manage type of data leak. Following a data breach, cybercriminals almost always sell their bounty of stolen account information on dark web marketplaces. Though these are serious security breaches, they are not the most dangerous form of data leak because a payment gateway prevents unrestricted access to listings.

3. Enable all Accounts securities with MFA

Cash App accounts do not have passwords in order to minimize login delay and provide a better user experience. When a user tries to log in, they must first prove their identity by entering a verification code sent to their email or phone number. The issue with this login method is that it can be abused by compromising a victim’s email address. Given that most email addresses have already been compromised in major data breaches, and that most people have a poor habit of recycling passwords across multiple solutions, this Cash App login pathway isn’t difficult to intercept.

All user accounts must be protected with MFA to prevent data breaches from happening through exploited login pathways. When developing an MFA protocol, keep these frequent MFA bypass methods in mind.

 

Click Here to Get Legit Cash App Money Transfer

 

Get $500 Cashapp Get $750 Cashapp | Get $1k Cashapp | Get $2k Cashapp Get $5k Cashapp  | Get $4k CAshapp 

cashapp flip legit store

Leave a Comment

Your email address will not be published. Required fields are marked *