Fear of identity theft has spiked among UK bank customers following an IT error that displayed private user data to the wrong people. The breach, affecting Lloyds, Halifax, and Bank of Scotland apps, went beyond simple balance errors. Some users reported seeing the National Insurance numbers of strangers, which are critical identifiers for government services and credit applications.
The Information Commissioner’s Office (ICO) has been notified and is currently making inquiries into the group’s data handling practices. The exposure of NI numbers and benefit payment details is particularly concerning for vulnerable populations who rely on the privacy of these transactions. Security experts warn that even a brief exposure of such data can have long-lasting consequences for those affected.
Public outcry was led by social media users who shared their disbelief at seeing other people’s finances. Consumer advocate Shirley Finlayson noted that she saw recipient names and sort codes dating back to 2024. This suggests that the glitch didn’t just show current balances, but potentially accessed archived transaction histories.
Lloyds Banking Group has issued a formal apology, stressing that the incident was short-lived and has been corrected. They are currently “looking into what happened” to identify the specific code failure that allowed the data crossover. However, the group has not yet confirmed exactly how many customers had their information viewed by others.
The incident highlights a major vulnerability in the UK’s move toward a totally digital financial system. With thousands of bank branches closed over the last decade, the app is the only window many have into their money. When that window opens into someone else’s life, it signals a major breakdown in the digital social contract.