Caracas – The Venezuelan fintech platform Cashea confirmed a significant data breach this weekend, impacting potentially millions of users. The company, which offers a “Buy Now, Pay Later” service, stated that its technical team, along with international cybersecurity specialists, immediately addressed the incident after its detection on February 21st. The breach comes amid growing concerns about data security in the rapidly expanding fintech sector in Venezuela.
Cashea, a leading provider of installment payment options in the country, assured customers that the application remains operational and that user accounts and those of its commercial allies were not compromised. “Despite unauthorized access to a portion of our internal information, we want to assure you that the integrity of our users has not been compromised,” the company stated in a public communication. “The authentication systems, passwords, and direct access credentials of millions of users and partner businesses remain under strict protection and were not affected.”
The incident was initially flagged by VECERTRadar, a cybersecurity monitoring service, which reported the publication of a database containing over 79 million transaction records, according to Yahoo Finance and Cactus24. Even as the extent of the compromised data is still being assessed, the sheer volume raises concerns about potential misuse of financial information.
Details to be Shared with Affected Users
Cashea has pledged to provide detailed information to users potentially affected by the data breach. In a subsequent communication, the company stated that individuals connected to the incident will receive an email “between today and tomorrow” outlining the specifics of the breach and the additional security measures implemented. The company also indicated it will publicly release a detailed timeline of events in the coming days.
This data security event follows previous warnings from Cashea regarding online scams targeting its users. In November 2025, the company alerted customers to fraudulent schemes offering fake bonuses, prizes, or loans using the Cashea name and logo, as reported by the company itself. Similar scams were also reported in March 2024 via WhatsApp. Cashea urged users to ignore suspicious messages and contact the company directly through official channels to verify authenticity.
Growing Concerns Over Fintech Security in Venezuela
The Cashea breach highlights the increasing vulnerability of fintech companies to cyberattacks, particularly in emerging markets like Venezuela. The country’s economic instability and reliance on digital financial solutions have created a fertile ground for both legitimate innovation and malicious activity. The incident is likely to prompt increased scrutiny of data security practices within the Venezuelan fintech industry.
Cashea’s business model centers around providing accessible financing options for purchases, making it a popular choice for Venezuelan consumers. The company’s rapid growth has been fueled by the increasing adoption of digital payment methods in the country. However, this expansion also presents challenges in maintaining robust cybersecurity infrastructure.
Cashea has not yet disclosed the specific nature of the compromised data, but the company’s assurances that user credentials remain secure will likely be a key focus of the forthcoming public report. The company is expected to provide further updates as its investigation progresses. Users of the Cashea platform are advised to remain vigilant and monitor their accounts for any signs of unauthorized activity.
As the investigation unfolds, the incident serves as a stark reminder of the importance of robust cybersecurity measures for all financial institutions, particularly those operating in rapidly evolving digital landscapes. The coming days will be crucial in determining the full extent of the breach and the steps needed to prevent similar incidents in the future.
Share your thoughts on this developing story in the comments below.
