Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1810+ Articles
149+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. News
  3. Cash App Owner to Pay $45 Million Over Lax Security Allegations
Cash App Owner to Pay $45 Million Over Lax Security Allegations
NEWS

Cash App Owner to Pay $45 Million Over Lax Security Allegations

Block, Inc. — the company behind Cash App — has agreed to pay $45 million to settle a bipartisan multi-state investigation alleging the fintech firm misled users by promising bank-level security protections it never actually delivered.

Dylan H.

News Desk

July 9, 2026
3 min read

Block, Inc., the financial technology company that owns Cash App, has agreed to pay $45 million to settle allegations brought by a coalition of state attorneys general that the company failed to implement adequate security controls and misled users about the level of protection their accounts received.

The settlement, announced Wednesday, was led by a bipartisan group of AGs who alleged that Block promised Cash App users the same protections as a traditional bank — a claim that prosecutors say was materially false.

Background

Cash App has faced scrutiny over its security practices for several years. A significant data breach in 2022 — carried out by a former employee who downloaded sensitive records of approximately 8.2 million customers — first brought federal attention to the company's internal access controls.

The current settlement expands on those concerns, alleging that Block:

  • Overstated security protections by marketing Cash App as offering bank-equivalent safeguards
  • Failed to adequately respond to fraud reports and unauthorized transaction claims from users
  • Lacked sufficient identity verification and account protection measures for a platform handling billions in transactions
  • Violated state consumer protection laws by misrepresenting the safety of funds held within the app

Terms of the Settlement

Under the $45 million agreement, Block must:

  1. Implement enhanced fraud detection and prevention measures
  2. Improve its customer support response for unauthorized transaction claims
  3. Strengthen identity verification at account creation and for high-value transactions
  4. Submit to third-party security audits for a defined period

The settlement does not require Block to admit wrongdoing.

Why This Matters for Consumers

Cash App operates in a regulatory grey zone that has long frustrated consumer advocates. Unlike traditional banks, which fall under FDIC insurance and strict federal oversight, peer-to-peer payment apps like Cash App, Venmo, and Zelle have historically faced lighter-touch regulation.

Users who store significant balances in Cash App — rather than transferring funds to an insured bank account — carry risk that many do not fully understand. The settlement highlights:

  • Unauthorized transactions on Cash App are not automatically reimbursed the way credit card fraud is
  • Stored balances in payment apps are generally not FDIC-insured
  • Fraud recovery depends heavily on the platform's own policies, which can be inconsistently applied

The Broader Regulatory Trend

This settlement is part of a broader regulatory movement targeting fintech companies that have grown rapidly while security and compliance infrastructure lagged. The Consumer Financial Protection Bureau (CFPB) and state AGs have increasingly turned their attention to:

  • Payment apps handling consumer funds without bank-equivalent protections
  • "Buy Now, Pay Later" providers with opaque dispute resolution
  • Crypto exchanges and wallets marketing security features they cannot substantiate

Block is not alone. Similar enforcement actions have been pursued or threatened against other major payment platforms in recent years.

What Cash App Users Should Do

If you actively use Cash App:

  1. Transfer funds to a traditional bank account promptly — do not use Cash App as a savings vehicle
  2. Enable two-factor authentication and a unique, strong PIN
  3. Review recent transactions and dispute any unauthorized activity immediately
  4. Understand dispute limits — Cash App's policies on fraud reimbursement differ from credit card protections

The $45 million penalty, while significant for consumers, represents a fraction of Block's annual revenue. Whether it translates to meaningful security improvements will depend on regulatory follow-through.

#Fintech#Enforcement#Data Breach#Compliance#Privacy

Related Articles

23andMe $47 Million Settlement Approved for 7 Million Breach Victims

A bankruptcy administrator has approved a $47 million settlement fund for roughly 7 million 23andMe customers whose genetic and health data was stolen by...

4 min read

Japanese Energy Firm Loses Drive with Data of 10.9 Million Clients

Kyushu Electric Power Co., Inc. has disclosed a physical security incident exposing private data of more than 10 million customers after a hard drive...

3 min read

Maine Breach Portal Abused to Publish Fake Data Breach Disclosures

Fraudulent data breach disclosures were submitted to Maine's official breach notification portal and publicly posted before legitimacy could be verified,...

3 min read
Back to all News