Monzo has warned around half a million of its customers to change their security codes after discovering a “bug” in its internal system.
The British digital bank revealed that some PINs (personal identification numbers) had been wrongly stored in encrypted log files visible to its engineers.
Since the glitch was spotted on Friday the company has released updates to its apps and deleted the information to ensure it was no longer accessible.
The company, writing on its blog, sought to reassure customers that “nobody outside Monzo had access to these PINs”.
“We’ve checked all the accounts that have been affected by this bug thoroughly, and confirmed the information hasn’t been used to commit fraud,” it added.
“Just in case, we’ve messaged everyone that’s been affected to let them know they should change their PIN by going to a cash machine.”
Monzo said that the issue affected less than a fifth of its 2.5 million UK customers, but urged all users to update their apps to the latest version.
“If we haven’t emailed you, you haven’t been affected,” the company said. ”But you should still update your app to the latest version.
“We’re really sorry about this. Please get in touch with us if you have any questions or concerns.”
It comes as Monzo tests a monthly subscription service for its new metal bank card.
Customers would pay up to £7.50 per month over a year – in addition to the minimum of £6 a month for the premium Monzo Plus service, according to reports.
Last month the bank apologised to customers for system problems which left some users unable to log in, send or receive payments or view their balances.
The company said it was caused by a routine upgrade to the bank’s online platform.