The backers of the popular consumer payments app announced Monday that millions of customers are being contacted to warn that some of their personal information may have been compromised. Credit: PeopleImages / Getty Images In an SEC filing made on Monday, Cash App parent company Block, Inc., said that it was working to contact roughly 8.2 million past and present customers of its investment services, as names, brokerage portfolio values and account numbers were compromised in a data breach.According to Block’s form 8-K, a employee who had regular access to the records during their employment downloaded customer records after leaving the company. The reports didn’t contain Cash App usernames or passwords, and the company said that Social Security numbers, birthdays, payment card info and most other types of personally identifiable information weren’t accessed.How cybercriminals can leverage stolen Cash App dataStill, according to experts, the portfolio data accessed represents a serious compromise. Avivah Litan, a distinguished research vice president at Gartner, said that part of the idea with this type of hack might be to identify potentially worthwhile targets for further compromise. “Using this compromised data, a hacker could determine which investors are worth targeting, based on their account values, and how to target them, based on their portfolio holdings and daily trading activity,” she said. “Further, they could integrate the compromised CashApp data with other previously stolen dark net data that potentially exists on the same individual to gain enough information – such as user IDs and passwords at other financial institutions or websites – to effectively socially engineer the user into transferring funds to a criminal account.” The idea that the attack was one step in a longer process was echoed by IDC research director Aaron Press, who said that the potential target – brokerage accounts – made sense, given the specific types of information that were stolen.“There’s no guarantee that this will be of use, and it may not be of value,” he said, “but if someone were interested in attacking a brokerage account, then this would be a place to start.” CSO is currently following this event and will post updates as they become available. Related content news Kroll cyber threat landscape report: AI assists attackers AI is simplifying all sorts of tasks — and not always for the better: cybercriminals, too, are adopting it. By Lynn Greiner May 24, 2024 4 mins Threat and Vulnerability Management Cybercrime Vulnerabilities news analysis Windows Recall — a ‘privacy nightmare’? The Windows AI feature announced by Microsoft this week quickly drew criticism for recording regular screenshots of a user’s screen; one security expert compared it to keylogging software. By Matthew Finnegan May 24, 2024 1 min Privacy feature What is spear phishing? Examples, tactics, and techniques Spear phishing is a targeted email attack purporting to be from a trusted sender. Learn how to recognize—and defeat—this type of phishing attack. By Josh Fruhlinger May 24, 2024 14 mins Phishing Cyberattacks Fraud news analysis Emerging ransomware groups on the rise: Who they are, how they operate New and developing ransomware gangs move to fill the void left by the shutdown and law enforcement disruption of big players, with differing tactics and targets. By Lucian Constantin May 24, 2024 6 mins Ransomware Cybercrime PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe