Item 8.01 Other Events.
On April 4, 2022, Block, Inc. (the "Company") announced that it recently
determined that a former employee downloaded certain reports of its subsidiary
Cash App Investing LLC ("Cash App Investing") on December 10, 2021 that
contained some U.S. customer information. While this employee had regular access
to these reports as part of their past job responsibilities, in this instance
these reports were accessed without permission after their employment ended.
The information in the reports included full name and brokerage account number
(this is the unique identification number associated with a customer's stock
activity on Cash App Investing), and for some customers also included brokerage
portfolio value, brokerage portfolio holdings and/or stock trading activity for
one trading day.
The reports did not include usernames or passwords, Social Security numbers,
date of birth, payment card information, addresses, bank account information, or
any other personally identifiable information. They also did not include any
security code, access code, or password used to access Cash App accounts. Other
Cash App products and features (other than stock activity) and customers outside
of the United States were not impacted.
Upon discovery, the Company and its outside counsel launched an investigation
with the help of a leading forensics firm. Cash App Investing is contacting
approximately 8.2 million current and former customers to provide them with
information about this incident and sharing resources with them to answer their
questions. The Company is also notifying the applicable regulatory authorities
and has notified law enforcement.
The Company takes the security of information belonging to its customers very
seriously and continues to review and strengthen administrative and technical
safeguards to protect the information of its customers. Future costs associated
with this incident are difficult to predict. Although the Company has not yet
completed its investigation of the incident, based on its preliminary assessment
and on the information currently known, the Company does not currently believe
the incident will have a material impact on its business, operations, or
financial results.
Forward-Looking Statements
This Current Report on Form 8-K contains forward-looking statements within the
meaning of the Safe Harbor provisions of the Private Securities Litigation
Reform Act of 1995. In some cases, forward-looking statements can be identified
by terms such as "may," "will," "appears," "should," "expects," "plans,"
"anticipates," "could," "intends," "target," "projects," "contemplates,"
"believes," "estimates," "predicts," "potential," or "continue," or the negative
of these words or other similar terms or expressions that concern our
expectations, strategy, plans, or intentions. All statements other than
statements of historical fact could be deemed forward-looking, including, but
not limited to, statements regarding the future performance of Block, Inc. and
its consolidated subsidiaries. Examples of forward-looking statements in this
Current Report on Form 8-K include, among others, statements concerning the
Company's plans, objectives, goals, and beliefs regarding the data security
incident related to Cash App Investing described in this Current Report on Form
8-K, including the nature of the information that may have been downloaded from
its systems, the Company's mitigation and prevention efforts, and the impact of
the incident on the Company's business, operations, and financial results. Such
statements are subject to a number of known and unknown risks, uncertainties,
assumptions, and other factors that may cause the Company's actual results,
performance, or achievements to differ materially from results expressed or
implied in this Current Report on Form 8-K. Investors are cautioned not to place
undue reliance on these statements. Among the factors that could cause actual
results to differ materially from those indicated in the forward-looking
statements are risks and uncertainties associated with the ongoing investigation
of the incident, risks related security breaches or incidents or human error in
administering the Company's software, hardware, and systems, as well as other
risks listed or described from time to time in the Company's filings with the
Securities and Exchange Commission (the "SEC"), including the Company's Annual
Report on Form 10-K filed with the SEC on February 24, 2022. All forward-looking
statements are based on information and estimates available to the Company at
the time of this Current Report on Form 8-K and are not guarantees of future
performance. Except as required by law, the Company assumes no obligation to
update any of the statements in this Current Report on Form 8-K.
--------------------------------------------------------------------------------
© Edgar Online, source Glimpses