Breaches · HIGH

Lloyds Bank - IT Bug Exposes Customer Transaction Data

CSO Online
Lloyds Bank, data exposure, API, UK Information Commissioner's Office, mobile app

Basically, a bug in Lloyds Bank's app let some customers see each other's transaction details.

Quick Summary

Lloyds Bank's recent IT glitch exposed some customers' transaction data to other customers. Nearly 450,000 users might have seen others' transactions. The bank is investigating and cooperating with regulators to address the issue.

What Happened

On March 12, Lloyds Banking Group experienced a significant IT glitch that allowed some customers to view transaction details of other users. The bank disclosed this incident in a letter to the UK Parliament’s Treasury Committee. The issue stemmed from an overnight IT change that caused two customers accessing their accounts simultaneously to see each other's transaction data.

The bank attributed the problem to a flaw in the design of the code used to update the Application Programming Interface (API) for its mobile app. While the specifics of the defect were not detailed, the bank emphasized that customers did not gain full access to another's account.

Who's Affected

Lloyds Bank has approximately 21.6 million users of its mobile app. Out of these, nearly 448,000 customers may have been exposed to another user’s transaction details during the incident. Of those, 114,182 customers potentially clicked to view a transaction during the exposure period, which could have shown them details belonging to other users.

The bank is currently conducting a thorough investigation to understand the full scope of the incident and its implications. They have also reached out to relevant financial authorities and the UK Information Commissioner’s Office (ICO) to ensure compliance with data privacy regulations.

What Data Was Exposed

The data exposed during this incident primarily consisted of transaction details. While the bank reassured customers that there was no complete access to another account, the exposure of transaction information raises serious concerns about data privacy and security.

The incident highlights the vulnerabilities that can occur during IT updates and the importance of robust testing before implementing changes. Although no financial loss has been reported, the breach of trust could lead to customer dissatisfaction and potential regulatory scrutiny.

What You Should Do

If you are a Lloyds Bank customer, it’s essential to stay informed about the situation. Monitor your account for any unusual activity and consider changing your password as a precaution. Additionally, keep an eye on communications from the bank regarding the incident and any recommendations they may provide.

For those concerned about data privacy, this incident serves as a reminder to regularly review security settings and practices. Ensuring that your personal information is protected should always be a priority, especially in light of such breaches. Lloyds Bank is cooperating with authorities to address the situation and prevent future occurrences.

🔒 Pro insight: This incident underscores the critical need for rigorous testing of API updates to prevent similar data exposure in the future.

Original article from CSO Online
