IT Glitch Exposes Customer Data at Lloyds Banking Group
Almost half a million customers of Lloyds, Halifax, and Bank of Scotland experienced exposure to other customers' transactions or had their own data shared due to a recent IT issue, the bank has disclosed.
Initially, Lloyds Banking Group had not specified the number of customers affected by the glitch that occurred on 12 March. The incident caused distress among some users who observed payments, charges, and national insurance numbers belonging to others within their banking apps.
However, in a letter responding to inquiries from the Treasury Select Committee published on Friday, Lloyds revealed that up to 447,936 customers were impacted by the fault.
Committee Chair Comments on Modern Banking Risks
Dame Meg Hillier, chair of the Treasury Select Committee, commented on the incident, highlighting the balance between convenience and risk in contemporary banking.
"Modern banking methods mean we can now perform a variety of tasks on our phones in a matter of seconds, and almost anywhere," said Dame Meg.
"What this incident brings into focus is the fact that there is a trade-off."
She further emphasized that increased online banking interactions require consumers to trust technology that can be prone to unpredictable errors, underscoring the importance of transparency from banks when issues arise.
"That's why my Committee continues to push banks to be transparent when things go wrong," Dame Meg added.
Details from Lloyds Banking Group's Investigation
The letter, authored by Jasjyot Singh, head of consumer relations at Lloyds Banking Group, detailed the findings from their investigation to date. It stated that 114,182 customers had clicked on transactions belonging to others when these appeared in their app interfaces.
These customers may have been shown sensitive information, including account details, national insurance numbers, and payment references.
"Although it was fixed promptly, we are extremely sorry the incident happened and we understand the questions it will have prompted," Singh wrote in the letter published on Friday.
"We have immediately investigated how the incident occurred."
According to the letter, some customers might also have seen transaction details related to individuals who were not customers of Lloyds Banking Group. This occurred in cases where payments were made by a Lloyds customer to another bank.
Singh confirmed that the company would fully cooperate with financial regulators, including the Financial Conduct Authority (FCA) and the Information Commissioner's Office (ICO).
The ICO stated at the time that it was "making enquiries" with Lloyds regarding the issue.
The FCA told the BBC it expects "firms to protect customer data and be able to respond to and quickly recover from disruptions."
Customer Experience and Reaction
During the incident, one affected customer, Asha, described her reaction after seeing unfamiliar transactions on her app, which matched the totals of her bank account.
"I assumed I was hacked or a fraud had went on," she told the BBC.
"I genuinely thought someone had cloned my details - one transaction was by someone who bought a car. I thought they'd spent £8,000 of my money."
She added that the experience left her feeling "almost traumatised."
for our Tech Decoded newsletter to follow the world's top tech stories and trends. Outside the UK? here.
