Major UK retail and commercial financial services provider had information from over 447,000 customers using its mobile banking apps inadvertently exposed by a botched IT update between Mar. 11 and 12 that resulted in a vulnerability in the transaction data-handling API, reports The Register.While up to 447,936 individuals may have had their transaction lists leaked to other customers, up to 114,182 may have had access to more comprehensive payment details as a result of the API issue, which broke account isolation when two users leveraged the same function within fractions of a second, according to Lloyds."In some cases, the transaction information visible may have related to individuals who are not Lloyds Banking Group customers, for example in an instance where a payment was made from a Lloyds Banking Group customer account to an account holder at another bank," said Lloyds CEO of Consumer Relationships Jasjyot Singh. More than 139,000 has been offered by Lloyds to nearly 3,625 affected customers, with additional claims for potential financial damages stemming from the defect under consideration.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds




