United Kingdom

6641 readers

194 users here now

General community for news/discussion in the UK.

Less serious posts should go in !casualuk@feddit.uk or !andfinally@feddit.uk
More serious politics should go in !uk_politics@feddit.uk.

Try not to spam the same link to multiple feddit.uk communities.
Pick the most appropriate, and put it there.

Posts should be related to UK-centric news, and should be either a link to a reputable source, or a text post on this community.

Opinion pieces are also allowed, provided they are not misleading/misrepresented/drivel, and have proper sources.

If you think "reputable news source" needs some definition, by all means start a meta thread.

Posts should be manually submitted, not by bot. Link titles should not be editorialised.

Disappointing comments will generally be left to fester in ratio, outright horrible comments will be removed.
Message the mods if you feel something really should be removed, or if a user seems to have a pattern of awful comments.

founded 2 years ago

MODERATORS

tom@feddit.uk

GreatAlbatross@feddit.uk

frankPodmore@slrpnk.net

Customers of three UK banks report being able to see other people’s accounts on app (www.theguardian.com)

submitted 1 month ago by Veserr@sh.itjust.works to c/unitedkingdom@feddit.uk

15 comments fedilink hide all child comments

top 15 comments

sorted by: hot top controversial new old

[–] ashughes@feddit.uk 15 points 1 month ago

Meanwhile I can't use the Bank of Scotland app on Graphene OS because apparently GOS isn't secure enough.

[–] TheReturnOfPEB@reddthat.com 14 points 1 month ago (1 children)

That happened to me with my bank updated their app. Suddenly I could browse and move money in and out of others' accounts. I had to fail-hold for 45 minutes for someone to tell me don't worry about it. Literally had to call out the CEO's "mission accomplished" blogpost and say "yeah no your rollout wasn't perfect. fix my shit." because customer services refused to do anything.

good times in the 21st century.

[–] Gentryfried@feddit.uk 3 points 1 month ago (1 children)

That's insane. How long has this been a thing??

[–] mjr@infosec.pub 6 points 1 month ago

Banks using less secure IT than their customers but having tons of annoying security theatre? Oh, at least 30 years.

[–] BigTwerp@feddit.uk 13 points 1 month ago (1 children)

For those of you wondering if you might have been affected but can't find out because the article is paywalled: Lloyds, Bank of Scotland and Halifax are the ones affected.

[–] Link@rentadrunk.org 3 points 1 month ago (1 children)

It’s not paywalled but it is behind an obnoxious cookie prompt. You can hide it with most browsers (iOS Safari or UBlock Origin in Firefox are two examples) and access it anyway without consenting to their cookies.

[–] BigTwerp@feddit.uk 0 points 1 month ago (1 children)

That's all very well but 1) I'm reading this using firefox with clean cookies and.ublock origin and the block is still there. And 2) a cookie paywall is a defacto paywall.

[–] Link@rentadrunk.org 1 points 1 month ago

https://github.com/gorhill/uBlock/wiki/Element-picker

[–] mannycalavera@feddit.uk 5 points 1 month ago (1 children)

Hmm I wonder who does their IT?

[–] mjr@infosec.pub 3 points 1 month ago (1 children)

Copilot?

[–] mannycalavera@feddit.uk 1 points 1 month ago

IBM I'm guessing given the historical contacts and scale of fuck up.

[–] blackn1ght@feddit.uk 3 points 1 month ago (1 children)

The DPO Controller at the banks: I picked the wrong week to stop sniffing glue!

[–] mjr@infosec.pub 2 points 1 month ago

Yep, because one of your programmers used it to start sniffing glue, it seems!

[–] fox2263@lemmy.world 2 points 1 month ago

Sounds like someone vibe coded a bug fix haha

[–] MrsDoyle@sh.itjust.works 2 points 1 month ago

Well that sounds like fun! Shame I'm with a different bank.