Crypto platform Block, co-founded by Twitter CEO Jack Dorsey, had compromised its financial data months ago. After the platform submitted a filing to the American government regulator, the Securities and Exchange Commission (SEC), the breach came to light. A former Block employee executed the disturbing breach.

While other decentralized finance (DeFi) firms suffered attacks from external actors, this attack is different, for it was done by someone who was once part of the organization.

The SEC filing revealed that the perpetrator went through the investment reports of Block’s Cash App in December 2021.

“While this employee had regular access to these reports as part of their past job responsibilities, in this instance, these reports were accessed without permission after their employment ended,” Block mentioned in the filing.

Useful Link: Passwordless Authentication: All You Need To Know!

The Attack

While Block stated no passwords, usernames, and personal data such as social security numbers and payment card information were not compromised in the breach. “The (investment) reports did not include usernames or passwords, Social Security numbers, date of birth, payment card information, addresses, bank account information, or any other personally identifiable information,” Block said.

“They also did not include any security code, access code, or password used to access Cash App accounts. Other Cash App products and features (other than stock activity) and customers outside of the United States were not impacted.”

“At Cash App we value customer trust and are committed to the security of customers’ information,” Cash App spokesman Danika Owsley said in a statement.

“Upon discovery, we took steps to remediate this issue and launched an investigation with the help of a leading forensics firm. We know how these reports were accessed, and we have notified law enforcement. We are also contacting customers whose data was impacted. In addition, we continue to review and strengthen administrative and technical safeguards to protect information.”

Useful Link: Understanding the Security Threats that Remote Working Poses

Future of Block

Despite the incident, Block is bullish on its cryptocurrency strategy. Despite its exceptional execution, the breach appears to have affected the non-crypto operations of Block.

Block experienced 18% quarterly basis growth and grew 37% year-on-year as per its Q4 report, made public in February 2022. This growth was reported after the breach. The crypto platform raked in USD 2.6 billion in revenue and reaped USD 518 million in profits. The Cash App brought in USD 10.01 billion revenue in Bitcoin and USD 218 million in profits from these Bitcoin operations.

While Block could sustain the breach, not every organization has Jack Dorsey at its helm. Insider threats and breaches are one of the major ones which plague many organizations of any scale. This should be the primary motivation for you to secure your business with Stealthlabs. We study your business and plug the loopholes to prevent embarrassing situations such as these.

So, reach out to us and fix whatever gaping holes your organization has.

Contact Us

More Cyber Security News:

• Ronin Network and The World’s Biggest Crypto Heist!
• Microsoft Breach 2022! Product Source Code Compromised
• Red Cross Data Breach Compromises Thousands of Records
• Number Of Cyber Attacks In 2021 Peaked All-time High
• Researchers Discover Microsoft Defender Flaw that Enables Hackers to Evade Detection!