Monzo is asking up to half a million customers to change their PINs after discovering a bug that rendered them accessible to engineer's working on the bank's systems.
The security oversight saw customer PINs inadvertently stored in two distinct files in the company's architecture, one of which was open to engineer's as part of their job.
The challenger has spent the weekend deleting the files that were stored incorrectly and releasing updates to the Monzo app.
"No one outside Monzo had access to these PINs," says the bank. "We’ve checked all the accounts that have been affected by this bug thoroughly, and confirmed the information hasn’t been used to commit fraud.
"Just in case, we’ve messaged everyone that’s been affected to let them know they should change their PIN by going to a cash machine."
The issue affected a fifth of the bank's 2.5 million customers.
Editorial | what does this mean?