Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security IT Technology

UK-based Mobile-Only Bank Monzo Admits To Storing Payment Card PINs in Internal Logs (zdnet.com) 33

Monzo, a mobile-only bank operating in the UK, admitted today to storing payment card PINs inside internal logs. From a report: The company is now notifying all impacted customers and urging users to change card PINs the next time they use a cash machine. Monzo described the issue as a "bug" that occurred when Monzo customers used two specific features of their Monzo mobile apps -- namely the feature that reminds users of their card number and the feature for canceling standing orders. When Monzo customers used one of these two features, they'd be asked to enter their account PIN, for authorization purposes, but unbeknowst to them, the PIN would also be logged inside Monzo's internal logs. Monzo said these logs were encrypted and that only a few employees had access to the data stored inside. The company said it discovered the bug on Friday, August 2, and spent all weekend removing PIN numbers from its internal logs.
This discussion has been archived. No new comments can be posted.

UK-based Mobile-Only Bank Monzo Admits To Storing Payment Card PINs in Internal Logs

Comments Filter:
  • to do a TFA on your phone to authorize purchases than signing or putting in a PIN...

  • Damn! The planet is run by a bunch of liars! And everybody says, *No biggie*...

  • by rickb928 ( 945187 ) on Monday August 05, 2019 @12:12PM (#59044266) Homepage Journal

    Regulations do not permit this. Book 'em, Dano.

    • Regulations do not permit this. Book 'em, Dano.

      If we have draconian punishments for self-reported breaches, we will have less self-reporting and more breaches.

A consultant is a person who borrows your watch, tells you what time it is, pockets the watch, and sends you a bill for it.

Working...