Monzo Security Flaw Affects 500K Customers

Monzo bank card and smartphone

Monzo, one of the world’s largest digital banks, discovered a security flaw and is now asking half-million of its customers to change their personal identification numbers (PINs), TechCrunch reported on Monday (Aug. 5).

The bug has been fixed, but as a precaution, customers are being urged to change their PINs. 

According to Monzo’s blog, the bank noticed on Friday, Aug. 2 that some people’s PINs were being stored on logs that engineers at Monzo had access to. PINs are typically stored in a “particularly secure part of our systems.” 

“No one outside Monzo had access to these PINs. We’ve checked all the accounts that have been affected by this bug thoroughly, and confirmed the information hasn’t been used to commit fraud,” Monzo said on its blog.

The company said the flaw was fixed by 5:25 a.m. on Saturday morning, and updates released to the Monzo apps. The company then deleted the information that was stored incorrectly and is emailing all of its customers.

“If we’ve contacted you to tell you that you’ve been affected, you should head to a cash machine to change your PIN to a new number as a precaution,” Monzo said. “You can do this by putting your Monzo card into the cash machine, entering your old PIN and choosing ‘PIN services.’ Then choose ‘Select a new PIN’ and change it to a new number.”

According to the company's blog, The issue affected less than a fifth of U.K. Monzo customers.” Monzo reportedly has more than 2 million users.

The company recently rolled out in the U.S., signing up consumers at events in Los Angeles, New York and San Francisco. That rollout was said to be reminiscent of the word of mouth that had been a springboard to the firm’s gaining traction in the United Kingdom. In the U.S. there will be no minimum balance requirements and no monthly fees — but the company will not pay interest on deposits.



Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border.

Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.