Lloyds exposed nearly half a million customers' data in banking app glitch

Published: 27 March 2026
Last updated: 30 March 2026
lloyds bank, green logo, people passing by, black horse logo, grey wall, warm people's outfits
People walk past the glass storefront of a Lloyds Bank branch. Michael Nguyen/NurPhoto/Getty.

Lloyds Banking Group exposed the personal data of up to 447,936 customers during an IT glitch earlier this month. The glitch allowed users to see other customers' transactions, including account details and national insurance numbers, Britain's Treasury Committee said on Friday.

Key takeaways:
  • Lloyds IT glitch let customers see others' transactions and personal details.
  • Over 3,600 customers compensated for distress, though no money was stolen.
  • An overnight patch on March 12th caused the breach across three banks.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.

The bank has paid £139,000 ($184,000) in compensation to 3,625 customers for distress and inconvenience, though no customers have suffered financial loss so far, according to a letter from Lloyds published by the committee.

ADVERTISEMENT

According to a BBC report, the glitch occurred on March 12th and has caused some panic among those affected, as the bank’s clients saw payments and charges on their apps that belonged to other people.

"I genuinely thought someone had cloned my details – one transaction was by someone who bought a car. I thought they'd spent £8,000 of my money," said Asha, one of the affected customers who spoke to the BBC.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

Lloyds said a software defect during an overnight update caused the breach, which affected customers at Lloyds, Halifax, and Bank of Scotland, with 114,182 people clicking on transactions that revealed other users' personal information.

Jasjyot Singh, chief executive of consumer relationships at Lloyds Banking Group, said the bank is asking customers who may have recorded, screenshotted, or shared information about other users to delete it.

“There is currently no evidence of misuse or malicious activity as a result of the incident through our fraud and cyber monitoring process,” he said, adding that the bank will “continue to monitor [potential fraud] closely.”

Britain's cross-party Treasury Committee had requested further explanation from Lloyds earlier this month regarding the cause of the glitch that occurred on March 12th.

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.
18,611,353,922
Breached accounts
36,030
Breached websites
ADVERTISEMENT

Lloyds must provide updates to the committee within one month and after six months.

Lloyds Banking Group says it serves 26 million customers, making it the UK’s largest provider of retail and commercial banking services.

The incident highlights the vulnerability of Britain's digital banking infrastructure, such as apps and websites, as lenders slash physical branch networks to cut costs and shift customers online.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Nadella scoffs at AI giants as Microsoft may host China’s DeepSeek
Cruel cyber training in Canada: testing if exhausted employees would fall for a 'day off' scam
Cloudflare gives AI agents temporary accounts to deploy websites without human logins
Developers giving attackers a free ride after hundreds of iPhone AI apps found exposing credentials
This tiny European country is pioneering digital ID for AI agents
Canadian lender TD tells some employees it will use software to monitor their work
ADVERTISEMENT