Meanwhile I can’t use the Bank of Scotland app on Graphene OS because apparently GOS isn’t secure enough.
Customers of three UK banks report being able to see other people’s accounts on app
Submitted 1 month ago by Veserr@sh.itjust.works to unitedkingdom@feddit.uk
Comments
ashughes@feddit.uk 1 month ago
TheReturnOfPEB@reddthat.com 1 month ago
That happened to me with my bank updated their app. Suddenly I could browse and move money in and out of others’ accounts. I had to fail-hold for 45 minutes for someone to tell me don’t worry about it. Literally had to call out the CEO’s “mission accomplished” blogpost and say “yeah no your rollout wasn’t perfect. fix my shit.” because customer services refused to do anything.
good times in the 21st century.
Gentryfried@feddit.uk 1 month ago
That’s insane. How long has this been a thing??
mjr@infosec.pub 1 month ago
Banks using less secure IT than their customers but having tons of annoying security theatre? Oh, at least 30 years.
mannycalavera@feddit.uk 1 month ago
Hmm I wonder who does their IT?
mjr@infosec.pub 1 month ago
Copilot?
mannycalavera@feddit.uk 1 month ago
IBM I’m guessing given the historical contacts and scale of fuck up.
blackn1ght@feddit.uk 1 month ago
The DPO Controller at the banks: I picked the wrong week to stop sniffing glue!
mjr@infosec.pub 1 month ago
Yep, because one of your programmers used it to start sniffing glue, it seems!
MrsDoyle@sh.itjust.works 1 month ago
Well that sounds like fun! Shame I’m with a different bank.
fox2263@lemmy.world 1 month ago
Sounds like someone vibe coded a bug fix haha
BigTwerp@feddit.uk 1 month ago
For those of you wondering if you might have been affected but can’t find out because the article is paywalled: Lloyds, Bank of Scotland and Halifax are the ones affected.
Link@rentadrunk.org 1 month ago
It’s not paywalled but it is behind an obnoxious cookie prompt. You can hide it with most browsers (iOS Safari or UBlock Origin in Firefox are two examples) and access it anyway without consenting to their cookies.
BigTwerp@feddit.uk 1 month ago
That’s all very well but 1) I’m reading this using firefox with clean cookies and.ublock origin and the block is still there. And 2) a cookie paywall is a defacto paywall.