Klarna, a Swedish fintech company, had a bug in its mobile app that let its users find sensitive details of other users. This intriguing experience was shared by many on Twitter, which soon led Klarna to issue a statement saying about 0.1% of 90,000 customers are affected by this. Access to the app was immediately terminated for everyone and possibly working on its rectification.
Klarna Bug Exposing Users Sensitive Data
Klarna is a Swedish fintech company that offers financial services to customers, like processing their payments and offering loans. The platform’s mobile app was plagued with an unknown bug that led some users to access sensitive details of others. This was explained by many this morning on Twitter.
Each time I tried to log in to my @Klarna account this morning, I’m on someone else’s account? Does this also mean someone else might currently be my on account? What the hell is going on?!! @AskKlarna pic.twitter.com/hqimF2zx7S
— esra efe laborde (@esraefe) May 27, 2021
The technical issue led users to open some other customers’ accounts, which contained details of their name, mobile numbers, addresses, purchases, stored bank accounts, and saved credit cards. While this is sensitive enough to be blamed, Klarna, on the other hand, said this wasn’t the case.
In a statement released by Klarna, the company said, “It is important to note that the access to data has been entirely random and not showing any data containing card or bank details (obfuscated data was visible).” Also, the copyright said the issue prevailed for over 31 minutes and affected about 0.1% of 90 000 users.
Also, it has been random since one person accessing another account will not be reaccessing the same account once freshly logged in. Yet, this has been a breach. Klarna boasted about their standards as “According to GDPR standards, only non-sensitive data was exposed. However, we recognize that what is deemed non-sensitive is very individual, and we set our own standards higher than GDPR.”
Klarna has taken down the app offline, saying it’s under maintenance and be working on it.