Last updated 2 weeks ago
Lloyds Banking Group, a major UK financial institution, experienced a data exposure incident affecting 447,936 customers. The breach occurred during a mobile application update when a technical glitch made customer data accessible to other users. The exposed information included transaction histories and personal customer data.
The breach resulted from a misconfiguration during the app update process, which inadvertently exposed customer data to unauthorized viewing by other app users. The incident did not involve external threat actors or exploitation of software vulnerabilities, but rather an internal technical failure that created unauthorized access to sensitive financial and personal information.
Lloyds Banking Group has notified affected customers and regulators about the exposure. The company has implemented fixes to the mobile application to prevent further data exposure and is conducting an internal investigation into the technical failure.
App glitch during an update exposed customer data
This incident highlights the critical need for rigorous testing and validation of configuration changes in financial applications, particularly during update deployments. The exposure of nearly half a million customer records demonstrates how seemingly routine technical processes can create significant data security risks if proper access controls and isolation mechanisms are not maintained throughout the update lifecycle.
Sign in to join the discussion.
Company
Industry
Location
Disclosed
Records Affected
Attack Vector