QUASI-RELIGIOUS banking experience Monzo has warned nearly half a million customers that they need to change their PIN code after it emerged that staff had access to the numbers for six months.
The bank, with its distinctive orange cards which double as an ID card in Shoreditch, says that the problem arose from a bug in its systems which meant that the data, usually only available to a select few people, was being transferred to log files which didn't have the same level of security protection.
Monzo explains: "…as your bank, we keep a record of your PIN so we can check you've entered it correctly. We store them in a particularly secure part of our systems, and tightly control who at Monzo can access them."
Unfortunately, it's thought that around 110 engineers who shouldn't have been able to access the information could do so, in theory, though it's not thought anyone did.
Monzo has 2.6 million customers, of which 480k are affected, roughly one in five. The Information Commissioner's Office has been informed, but this is said to be just a precaution as no data has left the bank.
Monzo has now upgraded its systems to avoid this happening again and by Monday it had removed all traces of the incorrectly stored PIN codes.
The company blog post adds: "If we haven't emailed you, you haven't been affected. But you should still update your app to the latest version.
"We're really sorry about this. Please get in touch with us if you have any questions or concerns."
Shame that "sorry" doesn't appear until right at the end, but you can't really fault Monzo's fast actions to rectify the problem once they found it.
Anyone affected has been contacted directly, both in-app and by email. Mitigating is easy - take your Monzo card to the nearest cash machine and change the PIN. That's it. You should also make sure you have the most up to date version of the Monzo app, but you should be doing that anyway.
Nvidia did a similar boo-boo with log files back in March. μ
Putting the 'mate' in 'climate change denial'
And it has already claimed a celebrity scalp
Dyson with death
Monitor the over-heads