British digital bank Monzo has apologised and urged 480,000 customers to change their PINs after realising that some of them were being stored inappropriately.
The issue was discovered last Friday when the company realised that the PINs were being stored in encrypted log files which the company’s engineers had access to the plain text of.
“We’ve deleted the information that we stored in this way,” the company stated.
“As soon as we discovered the bug, we immediately made changes to make sure the information wasn’t accessible to anyone in Monzo.”
Although nobody outside of the company had access to the PINs, and confirmed – checking the accounts themselves – that no suspicious or fraudulent activity had taken place, the company is issuing a warning.
“We’ve messaged everyone that’s been affected to let them know they should change their PIN by going to a cash machine.
“The issue affected less than a fifth of UK Monzo customers.
“If we’ve contacted you to tell you that you’ve been affected, you should head to a cash machine to change your PIN to a new number as a precaution.”
Customers who have not received an email have not been affected, the company said, adding: “We’re really sorry about this.
“Please get in touch with us if you have any questions or concerns.”
