Cash App Will Pay 15 Million to Settle Data Leak — Are You Eligible?

Cash App, a leading mobile payment platform operated by Block Inc., formerly known as Square, is set to pay $15 million in connection with a major data breach. This breach was discovered in December 2021compromised data belonging to approximately 8.2 million users.

Details of violation and blocking claims

According to Block’s filing with the US Securities and Exchange Commission (SEC).the breach occurred when a former employee downloaded reports on December 10, 2021, that contained sensitive customer information, including full names and brokerage account numbers.

Additional data such as portfolio value and intraday trading activity were also compromised for some users. Importantly, the reports did not include highly sensitive information such as passwords, social security numbers, card information or bank details.

Obligations of Block Inc. and next steps

The bloc reaffirmed its commitment to the security of user data in its public disclosures, saying the company had taken steps to strengthen both technical and administrative security measures following the breach. The company also assured stakeholders that while the investigation into the breach is ongoing, its business operations and financial stability are expected to remain intact.

As reported BleepingComputerA Cash App representative made the following statement:

“At Cash App, we value customer trust and care about the security of customer information. When we discovered this issue, we took steps to fix it and started an investigation with a leading forensics firm. We are aware of how these reports were accessed and have notified law enforcement. In addition, we continue to review and strengthen administrative and technical data protection safeguards.

Right to compensation

Cash App users affected by the breach who meet these criteria may seek compensation:

User status

To be eligible for compensation, you must fall into one of the following categories:

• Current users: If you are an active user of Cash App or Cash App Investing, you qualify as a current user. This applies to anyone who has recently transacted or maintained an active account profile during the specified period.
• Former users: Even if you no longer use the Cash App or have deactivated your account, you may still be eligible. Former users who had active accounts at any time during the eligibility period are included.

Service usage time

The breach involved data compromised between August 23, 2018 and August 20, 2024. Your eligibility depends on whether you used Cash App or Cash App Investing at any point during that nearly six-year period. This window covers:

• Initial exposure: Users who had accounts or transactions around the time the former employee accessed sensitive information in December 2021.
• Constant use: individuals who maintained their accounts before or after the breach are also counted, providing a wide range of potentially affected users.

Type of incident

The compensation is intended specifically for users who have experienced one of the following:

• Unauthorized access: If you notice suspicious activity, such as unauthorized transactions or changes to your account, you may fall into this category. This may include situations where your account or financial data has been accessed without your consent.
• Disclosure of personal data: Even if no unauthorized transactions were detected, users whose personal information was exposed during the breach, such as full names, account numbers, portfolio values ​​or trading activity, can file a claim. While highly sensitive data such as social security numbers and bank details were reportedly not compromised, other identifying information could still have been leaked.

Next steps for eligible users

If you believe you meet these criteria, you should submit a claim through the dedicated settlement portal at cashappsecuritysettlement.com. Make sure you gather any relevant documentation or evidence to support your claim, such as:

• Correspondence from Cash App about unauthorized access.
• Bank statements indicating unauthorized charges.
• Proof of expenses incurred, such as credit monitoring services.

The deadline to submit claims is November 18, 2024, so act now to get your compensation. If you received a notification with a notification ID and confirmation code, please have these details ready when submitting your claim.