Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
News
See Headlines »

Related Companies

Monzo

Channels

Retail banking Security

Keywords

Cards Mobile & online banking
Editorial | what does this mean?
This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.
Monzo asks customers to change PINs after storage bug discovered

Monzo asks customers to change PINs after storage bug discovered

Monzo is asking up to half a million customers to change their PINs after discovering a bug that rendered them accessible to engineer's working on the bank's systems.

The security oversight saw customer PINs inadvertently stored in two distinct files in the company's architecture, one of which was open to engineer's as part of their job.

The challenger has spent the weekend deleting the files that were stored incorrectly and releasing updates to the Monzo app.

"No one outside Monzo had access to these PINs," says the bank. "We’ve checked all the accounts that have been affected by this bug thoroughly, and confirmed the information hasn’t been used to commit fraud.

"Just in case, we’ve messaged everyone that’s been affected to let them know they should change their PIN by going to a cash machine."

The issue affected a fifth of the bank's 2.5 million customers.

Related Companies

Monzo

Channels

Retail banking Security

Keywords

Cards Mobile & online banking
Editorial | what does this mean?
This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

Sponsored: Join us at Money20/20 Europe 2024 - 4-6 June, Amsterdam | Use code FEX200 to save €200 on your ticket

Comments: (5)

Alexander Mostowfi
Alexander Mostowfi - Oracle Corporation - London 05 August, 2019, 17:02Be the first to give this comment the thumbs up 0 likes

Assuming I read this correctly, this means 1/5 of Monzo's 2.5M customers now need to change their card pin via a visit to a cash machine, more importantly if those customers used the same pin on multiple cards (as many customers do for convenience) they will need to change their other bank card pins too. 

Report abuse
Craig Lawrance
Craig Lawrance - Starkspur Ltd - Chalfonts 05 August, 2019, 17:382 likes 2 likes

absolutely shocking!  Are these guys a Bank or are they just playing at banking?

Report abuse
Robin Setty
Robin Setty - ACI Worldwide (EMEA) Limited - Watford 06 August, 2019, 10:081 like 1 like

One of the competitive advantages of the new entrants is that they're under less scrutiny than traditionals.  Imagine, the noise if this were NatWest or Barclays?

Report abuse
A Finextra member
A Finextra member 06 August, 2019, 11:23Be the first to give this comment the thumbs up 0 likes

WP: They are indeed a bank, and showing the older ones how transparency works.  Can you guarantee that this has never happened at your bank?  I used to struggle to get hold of mine, let alone hear from them proactively.  Did your bank spot the Ticketmaster fraud and re-issue cards to everyone who'd shopped there, before notifying Ticketmaster, who previously had no idea?  Banking is moving on, which is a good thing.  Who is under less scrutiny?  The rules are all the same, and the customers of these new banks are a lot more active on social media...

Report abuse
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 06 August, 2019, 11:541 like 1 like

According to the common narrative:

Traditional Banks make Customers visit Branches because their UX sucks. 

To that we can now add:

Challenger Banks make Customers visit ATM Machines because their Security sucks.

LOL, I never imagined this is how the "UX versus Security" Holy Grail will be cracked eventually:)

Report abuse
Join the discussion

Write a blog post about this story (membership required)

[New Survey Report] Definitive Differentiators - Forging a future-proof payments model[New Survey Report] Definitive Differentiators - Forging a future-proof payments model

Trending

Related News
Monzo and Starling sail ahead in banking apps poll

Monzo and Starling sail ahead in banking apps poll

Monzo doubles valuation to £2 billion after fresh capital injection

Monzo doubles valuation to £2 billion after fresh capital injection

Monzo hits two million customer milestone

20 May 2019

From data security darling to cyber fall guy, Monzo experiences a breach of its own

02 Jul 2018

Bank of England resolves tech glitch; Monzo shows JPMorgan how to handle outage news

26 Jan 2018

Trending

  1. Lloyds Bank cuts risk dept headcount

  2. UK government announces open finance task force

  3. Lloyds warns against fraudsters on Booking.com and Airbnb

  4. Chips migrates to ISO 20022 message format

  5. Temenos rejects Hindenburg claims after probe completed

Research
See all reports »
The Future of UK Fintech - 2015-2035

The Future of UK Fintech - 2015-2035

Definitive Differentiators - Forging a future-proof payments model

Definitive Differentiators - Forging a future-proof payments model

APP Fraud Liability: A Guide for Banks

APP Fraud Liability: A Guide for Banks