Cyber Attack cyber

Cash App

May 6, 2024 1 min read
Cash App

In December 2021, Block, Inc. disclosed a cybersecurity incident involving its subsidiary company, Cash App. A former employee exploited insider access to download internal reports, impacting more than 8 million former and current Cash App Investing customers. Despite the breach, the company assured that no personally identifiable information, such as usernames, passwords, or Social Security Numbers, was compromised in the incident. This insider data theft underscores the significant risks associated with insider threats and highlights the necessity for stringent data access controls and monitoring.

Source: https://www.ekransystem.com/en/blog/top-10-cyber-security-breaches

TPRM report: https://scoringcyber.rankiteo.com/company/cash-app

"id": "cas313050624",
"linkid": "cash-app",
"type": "Cyber Attack",
"date": "12/2021",
"severity": "N/A",
"impact": "",
"explanation": "N/A"
{'affected_entities': [{'customers_affected': 'More than 8 million',
                        'industry': 'Financial Services',
                        'name': 'Block, Inc.',
                        'type': 'Company'}],
 'attack_vector': 'Insider Threat',
 'data_breach': {'number_of_records_exposed': 'More than 8 million',
                 'personally_identifiable_information': 'None',
                 'type_of_data_compromised': 'Internal Reports'},
 'date_detected': 'December 2021',
 'date_publicly_disclosed': 'December 2021',
 'description': 'In December 2021, Block, Inc. disclosed a cybersecurity '
                'incident involving its subsidiary company, Cash App. A former '
                'employee exploited insider access to download internal '
                'reports, impacting more than 8 million former and current '
                'Cash App Investing customers. Despite the breach, the company '
                'assured that no personally identifiable information, such as '
                'usernames, passwords, or Social Security Numbers, was '
                'compromised in the incident. This insider data theft '
                'underscores the significant risks associated with insider '
                'threats and highlights the necessity for stringent data '
                'access controls and monitoring.',
 'impact': {'data_compromised': 'Internal Reports'},
 'lessons_learned': 'Stringent data access controls and monitoring are '
                    'necessary to mitigate insider threats.',
 'motivation': 'Unknown',
 'threat_actor': 'Former Employee',
 'title': 'Block, Inc. Cash App Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Insider Access'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.