22 September 2017
visit www.avoka.com

Personal finance start-up Rudder suffers security lapse

21 May 2009  |  6489 views  |  0 typing email on tablet

Houston-based personal financial management start-up Rudder has inadvertently exposed the private account details of hundreds of individuals to other users of the site.

Daily account updates sent to two percent of Rudder's active users also provided a direct link through to the accounts of hundreds of other subscribers, where visitors could view balance updates and transaction information relating to personal bank accounts, credit cards and bill payments.

Rudder says that in total 732 accounts were compromised, but that no bank user names, passwords, addresses or other personal identity-based information were exposed.

In a statement posted on its site, Rudder says: "This issue was not the result of a data breach, but due to a software issue in our program that generates emails. It is important to know that Rudder has "read only" access to your account balances and transactions and we do not store account credentials like user names, passwords, or your personal information like name, address or social security number."

As a precautionary measure, the company says it will be offering a free identity-theft service to all compromised Rudder members.

Finextra verdict Competitors such as Mint and Wesabe might be rubbing their hands with glee at the prospect of picking off defecting Rudder subscribers, but this security lapse reflects badly on the entire sector. Mint for one has recently been talking about charging commercial third parties for access to aggregated anonymous consumer spending data. Like Rudder, Mint doesn't store names or account numbers - and there's no danger of individual account compromise - but subscribers might revolt at the idea that details of their personal spending habits are being sold on to the private sector.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Wesabe launches money management platform for banks

Wesabe launches money management platform for banks

18 March 2009  |  6951 views  |  0 comments
Wesabe partners with The Daily Telegraph for UK launch

Wesabe partners with The Daily Telegraph for UK launch

11 November 2008  |  6265 views  |  0 comments
Wells Fargo moves into PFM start-up territory with new budgeting tool

Wells Fargo moves into PFM start-up territory with new budgeting tool

29 October 2008  |  13566 views  |  0 comments
Mint secures $12 million in series b funding

Mint secures $12 million in series b funding

05 March 2008  |  4993 views  |  0 comments
Mint raises $4.7 million in series a funding

Mint raises $4.7 million in series a funding

17 October 2007  |  4621 views  |  0 comments
Wesabe closes $4m financing

Wesabe closes $4m financing

20 June 2007  |  5853 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.temenos.comvisit www.capgemini.comvisit www.vasco.com

Top topics

Most viewed Most shared
HSBC switches on selfie payments in ChinaHSBC switches on selfie payments in China
12745 views comments | 26 tweets | 42 linkedin
Equifax hack: Visa and Mastercard flag 200k compromised credit cardsEquifax hack: Visa and Mastercard flag 200...
11039 views comments | 6 tweets | 17 linkedin
Dutch bank sentences teenage DDoS culprit to community serviceDutch bank sentences teenage DDoS culprit...
9575 views comments | 6 tweets | 3 linkedin
Apple P2P payments service nears launchApple P2P payments service nears launch
8278 views comments | 18 tweets | 27 linkedin
AXA launches blockchain to cover late flight compensationAXA launches blockchain to cover late flig...
8047 views comments | 13 tweets | 27 linkedin

Featured job

Competitive base, double ote, benefits
London, UK

Find your next job