Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Security Regulation & Compliance
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

AN EMAIL HOWLER THAT COULD COST A MINT!

It’s another week – and there are more people who should know better who have now got egg all over their faces!

This time round, it’s the flaws in a financial management tool designed to track and monitor customer spending habits that has left bosses at Mint.com needing to placate a growing number of their online users.

Mint.com’s problems with email security – and its subsequent problems in managing customer concerns – have been well documented in recent days. For those that don’t know the story, Mint.com sent 11 million blank emails to four million customers on 12 October 2010. These customers use the fee-free website to help them manage their financial affairs. A key requirement of Mint.com is that all customers provide their up-to-date bank account information, which is protected by the website’s online security systems.

What has turned this issue into a problem Mint.com is the lack of empathy it displayed when responding to customers who feared their financial data may have been hacked into as part of a targeted cyber attack. Rather than reassure customers, Mint.com attempted to brush-off people with the vaguest of explanations – which left many users bemused and unhappy.

It’s easy to understand why customers have got themselves into such a lather. For the official public relations response was something along the lines that this was a testing error caused by an employee, who simply ticked the wrong box on a computer application – and then sent an email out!

Yeah. Right!

I have a few questions of my own on this matter: firstly, why was Mint.com ‘testing’ with live customer data? Secondly, where are the safeguards in Mint’s internal systems that are supposed to prevent this kind of thing from happening?

I don’t honestly expect to get an answer to these questions. After all, if they won’t tell their end-users what has really happened, they’re hardly likely to tell me!

But in the final analysis, let’s hope this is a lucky escape for all concerned – including Mint.com. But as the website clearly doesn’t know what its done, we cannot be sure as to the potential extent of the problem until more facts come to light.

If Mint had protected the content of their email – this would be a minor issue, regardless of whether data has been lost or not. Mint may turn around and say no data has been lost, but what's to stop an employee accidently clicking something important next time, if indeed they haven’t already?

To read the full article about the problems experienced by Mint.com, please visit: http://www.tgdaily.com/opinion-features/52029-mintcom-email-glitch-leaves-unanswered-questions

4743

Channels

Security Regulation & Compliance
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (0)

Join the discussion

Member since

0

Location

0

More from member

Community
See all blogs »
Fintech 

How innovation in encryption is helping secure the credit card approval process

Ghazi Ben Amor

Ghazi Ben Amor

Operational Risk Management 

DORA – Navigating the EU’s Operational Resilience Landscape

Antony Fung

Antony Fung

Fintech 

The importance of risk management in trading

Kate Leaman

Kate Leaman

Digital Identity Management 

Navigating the digital identity landscape: A blueprint for financial services competitiveness

Adam Preis

Adam Preis

Now hiring

See more