Lloyds Banking Group faces fresh scrutiny after an IT glitch exposed customers' sensitive data, including national insurance numbers, via the Bank of Scotland app. The bug, active Thursday morning, allowed users to view transactions and personal details of at least six accounts over 20 minutes, prompting an internal review. Charlie Nunn, CEO, acknowledged the breach but emphasized swift resolution, stating, “The issue was quickly resolved.”

The incident coincides with ongoing investigations by the Information Commissioner’s Office (ICO) into Lloyds’ handling of employee data. In November, the FT revealed Lloyds analyzed anonymized staff account data to inform union pay negotiations, raising privacy concerns. Regulators are now scrutinizing whether this practice violated data protection laws, compounding reputational risks for the bank.

Lloyds is accelerating its fintech overhaul, part of Nunn’s 2022 strategy to modernize systems and position the bank as the UK’s largest digital lender. The glitch highlights vulnerabilities in its tech infrastructure despite significant investments. Analysts warn that repeated breaches could erode consumer trust and invite stricter regulatory penalties.

This data exposure underscores systemic challenges for traditional banks pivoting to fintech. With customer data security at the forefront, Lloyds must balance innovation with robust safeguards to avoid further fallout. The ICO’s probe and public backlash may force accelerated reforms in its IT governance framework.