The UK’s Information Commissioner’s Office is currently investigating how a technical error allowed banking customers to access the financial records of others. The breach affected individuals using apps for Lloyds, Halifax, and Bank of Scotland. This rare but serious “data crossover” has raised urgent questions about the encryption and isolation of user data in mobile banking.
During the window of the glitch, users reported seeing detailed lists of outgoing payments that were not their own. This included sensitive information such as National Insurance numbers and the names of individuals receiving transfers. For those living on benefits or tight budgets, the exposure of such specific financial data represents a significant security and privacy risk.
Lloyds Banking Group, the parent company of the affected brands, has characterized the event as a brief “issue viewing transactions.” Despite this downplaying, the legal implications of a data breach can be severe under UK law. The group now has a strict 72-hour window to report the full extent of the exposure to the national regulator.
The frequency of these “payday glitches” has become a point of contention for UK residents. In early 2025, several banks experienced similar failures that locked users out of their accounts during critical financial periods. These events suggest that the infrastructure supporting the UK’s digital economy may require more robust oversight and investment.
While the immediate technical fault has been corrected, the investigation by the ICO continues. The regulator’s findings will be crucial in determining whether the bank’s data protection measures were adequate. For now, customers are being advised to monitor their accounts closely and report any further irregularities.