Meanwhile I can’t use the Bank of Scotland app on Graphene OS because apparently GOS isn’t secure enough.
Customers of three UK banks report being able to see other people’s accounts on app
Submitted 2 weeks ago by Veserr@sh.itjust.works to unitedkingdom@feddit.uk
Comments
ashughes@feddit.uk 2 weeks ago
TheReturnOfPEB@reddthat.com 2 weeks ago
That happened to me when my bank updated their app. Suddenly I could browse and move money in and out of others’ accounts. I had to fail-hold for 45 minutes for someone to tell me don’t worry about it. Literally had to call out the CEO’s “mission accomplished” blogpost and say “yeah no your rollout wasn’t perfect. fix my shit.” because customer services refused to do anything.
good times in the 21st century.
Gentryfried@feddit.uk 2 weeks ago
That’s insane. How long has this been a thing??
mjr@infosec.pub 2 weeks ago
Banks using less secure IT than their customers but having tons of annoying security theatre? Oh, at least 30 years.
mannycalavera@feddit.uk 2 weeks ago
Hmm I wonder who does their IT?
mjr@infosec.pub 2 weeks ago
Copilot?
mannycalavera@feddit.uk 2 weeks ago
IBM I’m guessing given the historical contacts and scale of fuck up.
blackn1ght@feddit.uk 2 weeks ago
The DPO Controller at the banks: I picked the wrong week to stop sniffing glue!
mjr@infosec.pub 2 weeks ago
Yep, because one of your programmers used it to start sniffing glue, it seems!
MrsDoyle@sh.itjust.works 2 weeks ago
Well that sounds like fun! Shame I’m with a different bank.
fox2263@lemmy.world 2 weeks ago
Sounds like someone vibe coded a bug fix haha
BigTwerp@feddit.uk 2 weeks ago
For those of you wondering if you might have been affected but can’t find out because the article is paywalled: Lloyds, Bank of Scotland and Halifax are the ones affected.
Link@rentadrunk.org 2 weeks ago
It’s not paywalled but it is behind an obnoxious cookie prompt. You can hide it with most browsers (iOS Safari or UBlock Origin in Firefox are two examples) and access it anyway without consenting to their cookies.
BigTwerp@feddit.uk 2 weeks ago
That’s all very well but 1) I’m reading this using firefox with clean cookies and ublock origin and the block is still there. And 2) a cookie paywall is a de facto paywall.