Hack Notice

Hack Notice: Monzo Bank: Weve fixed an issue that meant we werent storing some customers PINs correctly

Monzo Bank: Weve fixed an issue that meant we werent storing some customers PINs correctly

Source
https://monzo.com/blog/2019/08/05/weve-fixed-an-issue-storing-some-customers-pins
Description
We ask for your pin whenever you need to make a payment, or doh anything else that's sensitive on your Monzo account. And as your bank, we donjon a record of your stick so we canful chit youve entered it correctly. We store them in a particularly secure part of our systems, and tightly check who at Monzo can access them. On Friday 2nd August, we discovered that wed also been recording some peoples PINs in a different part of our internal systems (in encrypted log files). Engineers at Monzo experience access to these log files as part of their job. Weve deleted the information that we stored in this way. as soon as we discovered the bug, we immediately made changes to make sure the information wasnt accessible to anyone in Monzo. By 5:25am on sabbatum morning, we had released updates to the Monzo apps. Over the weekend, we then worked to delete the information that wed stored incorrectly, which we finished on monday morning. You should update your app in the App store or frolic Store. The latest versions of the app are iOS 2.59.0 and Android 2.59.1 (you mightiness already be on the latest version!). Update my app on Android Update my app on iOS No 1 outside Monzo had access to these PINs. Weve checked all the accounts that have been affected by this bug thoroughly, and confirmed the information hasnt been used to commit fraud. Just in case, weve messaged everyone thats been affected to let them know they should alteration their pin by going to a cash machine. The issuing affected less than a fifth of UK Monzo customers. If weve contacted you to narrate you that youve been affected, you should chief to a cash machine to change your pin to a new number as a precaution. You can do this by putting your Monzo card into the cash machine, entering your old pin and choosing PIN services. Then choose Select a new PIN and commute it to a new number. If you suppose you see anything unusual on your account, please get in contact with us straight away through in-app confabulation or by ring the phone number on your debit card. If we havent emailed you, you havent been affected. But you should still update your app to the latest version. Were really sorry about this. Please capture in pinch with us if you get any questions or concerns.

About HackNotice and Monzo Bank: Weve fixed an issue that meant we werent storing some customers PINs correctly

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and Monzo Bank: Weve fixed an issue that meant we werent storing some customers PINs correctly was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of Monzo Bank: Weve fixed an issue that meant we werent storing some customers PINs correctly their products, services, websites, or applications and you were a client of HackNotice, monitoring for Monzo Bank: Weve fixed an issue that meant we werent storing some customers PINs correctly you may have been alerted to this report about Monzo Bank: Weve fixed an issue that meant we werent storing some customers PINs correctly . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If Monzo Bank: Weve fixed an issue that meant we werent storing some customers PINs correctly had a breach of consumer data or a data leak, then there may be additional actions that our clients should read to protect their digital identity. Data breaches, hacks, and leaks often take to and cause identity theft, account have overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, parole reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer info through data leaks, as the direct result of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice workings to monitor for hacks that track to lower client security and digital identities that have been exposed and should live considered vulnerable to attack. HackNotice works with clients to identify the extent that digital identities experience been exposed and provides remediation suggestions for how to handle each type of exposure.

HackNotice monitors the hacker community, which is a network of individuals that share data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account take overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that injure consumers. HackNotice applies industry specific knowledge and advanced security practices to monitor for trends that indicate breaches, hacks, and exposed digital identities.

HackNotice also enables clients to portion hack notices with their friend, family, and collogues to assist increase awareness around alleged hacks, breaches, or data leaks. HackNotice works to provide clients with sharable reports to help increment the security of our clients personal network. The surety of the multitude that our clients interact with directly impacts the level of security of our clients. Increased photograph to accounts that have been taken over by hackers leads to further account take overs through phishing, malware, and other impound techniques.

If you found this nag observation to be helpful, then you may be interested in reading some additional cut notices such as:

e unintentional information disclosure, data leak, info leakage and also data spill. Incidents $6.2 billion in the last ii years (presumably 2014 and 2015), according to a Ponemon study. ivate information on individuals, e.g. social security numbers. loss of corporate info such a

District 303 student information exposed in data hack - Kane County Chronicle

AT&T employees took bribes to plant malware on the company's network

Data hack affects local schools - 13WHAM-TV