The customer data of about 8.2 million past and present customers of the Cash App was compromised in a data breach incident by a former employee recently.
The compromised data included brokerage portfolio values and account numbers, Social Security numbers, birthdays, payment card info, and most other personal information of the customers.
The company immediately took action and blocked the employee's access and informed the targeted customers to be alerted.
Source: https://www.csoonline.com/article/3655997/cash-app-customer-investment-data-hacked.html
TPRM report: https://scoringcyber.rankiteo.com/company/cash-app
"id": "cas16326422",
"linkid": "cash-app",
"type": "Breach",
"date": "04/2022",
"severity": "90",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '8.2 million',
'industry': 'Financial Services',
'name': 'Cash App',
'type': 'Company'}],
'attack_vector': 'Insider Threat',
'data_breach': {'number_of_records_exposed': '8.2 million',
'personally_identifiable_information': ['Social Security '
'numbers',
'birthdays',
'payment card info',
'other personal '
'information'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['brokerage portfolio values',
'account numbers',
'Social Security numbers',
'birthdays',
'payment card info',
'other personal information']},
'description': 'The customer data of about 8.2 million past and present '
'customers of the Cash App was compromised in a data breach '
'incident by a former employee recently.',
'impact': {'data_compromised': ['brokerage portfolio values',
'account numbers',
'Social Security numbers',
'birthdays',
'payment card info',
'other personal information']},
'response': {'communication_strategy': ['Informed the targeted customers to '
'be alerted'],
'containment_measures': ["Blocked the employee's access"]},
'threat_actor': 'Former Employee',
'title': 'Cash App Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized Access'}