Monzo PIN change follows logging blunder

Holy carp. Logging passwords is a rooky mistake, if there ever was one… I guess their saving grace is that they hand encrypted their logs…

2 Likes

Less than a fifth is a lot of customers, encrypted doesn’t mean secure, if you have access to the data in a format that is ready to read then encryption doesn’t mean much.

They have fixed the issue which is good, what they need to work out is why it arose considering they wrote the system they use.

4 Likes

From Monzo forum

Epic fail

3 Likes

How many times have they said

“We’re very sorry this has happened”

They said it so many times in the blog post about the outage I was going to suggest a drinking game for next time. We know you’re sorry, saying it every other sentence doesn’t make it any meaningful, once is enough.

1 Like

Not sure if they’re emailing the people affected by this or everyone…

But I’ve just had an email… :no_mouth:

1 Like

Ouch - and since they need users to update the app can we assume that those who don’t will continue to have their PINs logged?

1 Like

:rage: Now I have to change my favourite PIN because of their mistakes? Nice… nice

I don’t use my monzo card so just disabling card transactions not changing the pin to one I won’t remember.

I am just changing my DDs over starling not impressed.

1 Like

A post was merged into an existing topic: The Monzo Forum thread

I would but IFTTT

I’m no longer a Monzo customer so I doubt I’ll be notified if I was effected!?

I’m really unhappy about this as I use the same PIN for all of my cards. I’ve never shared it and it’s a random number so it WAS pretty secure.

Scratch that, I just received an email; I’m one of the affected…

Can you change an Amex card PIN on any ATM free?

1 Like

Yay! I’m a securitybreachstomer! When’s the securitybreachstival?

3 Likes

But at least you’re not a SecurityBreachPlusMetalostomer…

Just think if you were paying for that service… might be able to get my wife to join Starling on the back of this :joy:

2 Likes

Engineers at Monzo have access to these log files as part of their job.

Monzo must think that their engineers must be untrustworthy.

Would you trust a 12 year old who gets paid in hugs and bean bag chairs?

3 Likes

Of course I would, it’s Monzo

said no one ever

2 Likes

I feel like that GIF applies to 99% of Monzo customers…

“Would you like to spend £400 on a metal card?”

“Would you like to pay to deposit your own money?”

“Would you like to join a premium programme where you get absolutely nothing for £72 per year?”

I could go on… But you get the picture.

7 Likes