Monzo users around the world have today been sent an email warning that they should update their smartphone application and change their banking PIN. This comes after the company discovered that PINs could be viewed by employees within the company, something that could pose a fraud risk for an online-only bank.
Though there’s less risk of fraudulent activity here than say a data breach involving a third-party hacker, it’s still worth following their advice and updating your PIN now if you use Monzo.
What is Monzo?
Monzo is one of a number of growing ‘challenger banks’, which are banking companies that are challenging the monolithic high street banks that we’re all used to. Unlike banks like NatWest, HSBC, or Santander, they’ve only been around for a short period and rely heavily on smartphones and the internet.
Whereas traditional banks have a high street presence – albeit one that’s declining in recent years with branch closures – challenger banks are online-only, which brings some benefits, yet also some risks.
Monzo was founded in 2015 and has grown at a rapid rate. The company continually rolls out new features to the app, including the ability to set up direct debits and have your salary paid into the account. You do still get a physical debit card, but there are other perks such as being able to freeze your card in an instant through the app if it’s lost or stolen.
What went wrong?
From the email that Monzo has sent around, it doesn’t seem like a huge issue. They explain that a record was stored of customer PINs in log files that can be accessed by software engineers within the company. Though encrypted, somebody with the right skills may be able to access these PINs.
However, this type of fraud would require a disgruntled employee to dig through encrypted data and is far less serious than if a hacker had accessed sensitive customer data for example. What’s more, the company has voluntarily held up its hand and admitted the issue, as well as rectifying it with an application update.
It’s said that this issue has affected up to 1 in 5 of Monzo’s customers, which is around 480,000 people out of a customer base of approximately 2.6 million. But the bottom line is that this doesn’t seem like a big issue and you shouldn’t be at any risk as long as you update your application and change your PIN as advised.