Venmo is a mobile transaction app that allows users to easily make payments to each other. It's owned by PayPal. It's a useful app that easily allows anyone to set up an account, link it to a credit card or bank account and then send and receive payments.
Everything about the transactions except the amount is, by default, public. This information would allow someone to build networks of connections between people and businesses, viewing all the transactions that occur. Buzzfeed tried this for President Biden.
"On Friday, following a passing mention in the New York Times that the president had sent his grandchildren money on Venmo, BuzzFeed News searched for the president’s account using only a combination of the app’s built-in search tool and public friends feature. In the process, BuzzFeed News found nearly a dozen Biden family members and mapped out a social web that encompasses not only the first family, but a wide network of people around them, including the president's children, grandchildren, senior White House officials, and all of their contacts on Venmo."
All of the President's information, along with that of his family, has already been taken down.
But the rest of the system continues to operate, by default, in a public sharing mode. Vice.com lays it out in an article that has some further links. A researcher in Berlin mapped every Venmo transaction in 2017 using Venmo's public API. This isn't hacking, it's openly available data.