Posted On April 5, 2022 Consumer Privacy & Data Breaches
On April 4, 2022, Block, Inc. (formerly Square, Inc.) confirmed that a former employee downloaded reports from Cash App containing sensitive information belonging to U.S. customers. The data affected by the breach includes users’ full names, brokerage account numbers, brokerage portfolio value, brokerage portfolio holdings and/or stock trading activity for one trading day.
It is essential those who receive a data breach notification from Block understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the Block data breach. As a part of our investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Block.
In 2021, there were 1,862 data breaches affecting more than 189,000,000 individuals. Victims of identity theft spend, on average, 200 hours and more than $1,300 recovering their identity. Many of these victims also suffer credit damage, emotional distress, and may even end up with a criminal record. Taking immediate action is the best way to prevent the worst consequences of a data breach.
In a filing with the Security and Exchange Commission on April 4, 2022, Block confirmed the details of the data breach. Evidently, the breach involved a former employee who regularly had access to CashApp reports during their employment. On December 10, 2021, after the employee no longer worked for the company, they downloaded certain CashApp reports containing sensitive information belonging to users.
In response to this discovery, Block conducted a review of the leaked reports. The company explained that it is in the process of contacting the 8.2 million current and former app users to inform them of the breach, what information was compromised, and what steps they can take to reduce the risk of fraud or unauthorized access to their accounts.
The CashApp reports contained users’ full names, brokerage account numbers, brokerage portfolio value, brokerage portfolio holdings and/or stock trading activity for one trading day. The company explained that none of the leaked reports contained Social Security numbers, dates of birth, payment card information, addresses, bank account information, or any other personally identifiable information.
Block, Inc., formerly known as Square, Inc., is a financial technology and digital payments company based in San Francisco, California. The company owns a variety of businesses including Square, CashApp, Afterpay, Weebly, and Tidal. Block, Inc. has approximately 8,500 employees and generates roughly $17 billion in annual revenue.
When you allowed CashApp access to your personal data, you trusted the company to keep your sensitive information safe. However, news of the CashApp data breach raises some very serious questions about the company’s data security measures and whether the company could have done more to prevent this type of cyber-attack.
Regardless of the industry, all businesses have a legal obligation to protect consumer information in their possession. Although creating and maintaining a data security system is costly, this is a necessary expense given the frequency with which cyberattacks occur.
Consumers whose personal, identifying, financial or healthcare-related data was compromised in a data breach can pursue legal action against a company that misused or mishandled their information. However, the investigation into the Block breach is only in its beginning phases. For that reason, it is too early to tell if CashApp was legally responsible for the breach. However, our data breach attorneys are investigating the Block security breach to determine the potential legal remedies of those affected.
If you have questions about your ability to pursue a data breach class action lawsuit against CashApp, contact a data breach attorney as soon as possible.
If you receive a data breach notification from CashApp in the coming weeks, it means your personal data was compromised in the recent cyberattack. It also means a cybercriminal may have had access to—and may have stolen—your personal data. Given the risks involved, it is important you remain vigilant by taking the following steps:
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the CashApp data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.