LONDON — Lloyds Banking Group has admitted that a software defect following a mobile app update exposed the private transaction data of nearly 450,000 customers to unauthorized users.
In a formal letter to the cross-party Treasury Committee, the banking giant revealed that 447,936 customers across Lloyds, Halifax, and Bank of Scotland were affected by the breach, which allowed users to view other people's financial activities. According to the bank, 114,182 individuals actually clicked on these exposed transactions, potentially gaining access to sensitive information including account details, National Insurance numbers, and payment references. The glitch was not limited to internal customers; even individuals who do not bank with Lloyds Banking Group may have had their transaction details visible to others during the incident.
Lloyds attributed the security failure to an overnight IT update intended for its mobile applications, which inadvertently introduced a critical software defect. While the bank emphasized that no customers have suffered direct financial loss as a result of the error, it has already paid out £139,000 in compensation to 3,625 customers to address claims of distress and inconvenience. Meg Hillier, Chair of the Treasury Committee, noted that while modern mobile banking offers unprecedented convenience, the incident serves as a stark reminder of the digital trade-off. She stated that by moving interactions online, consumers must place a high degree of faith in technology that remains susceptible to unpredictable and far-reaching errors.
