Klarna Bug Exposing Users Sensitive Data
Klarna is a Swedish fintech company that offers financial services to customers, like processing their payments and offering loans. The platform’s mobile app was plagued with an unknown bug that led some users to access sensitive details of others. This was explained by many this morning on Twitter.
— esra efe laborde (@esraefe) May 27, 2021 The technical issue led users to open some other customers’ accounts, which contained details of their name, mobile numbers, addresses, purchases, stored bank accounts, and saved credit cards. While this is sensitive enough to be blamed, Klarna, on the other hand, said this wasn’t the case. In a statement released by Klarna, the company said, “It is important to note that the access to data has been entirely random and not showing any data containing card or bank details (obfuscated data was visible).” Also, the copyright said the issue prevailed for over 31 minutes and affected about 0.1% of 90 000 users. Also, it has been random since one person accessing another account will not be reaccessing the same account once freshly logged in. Yet, this has been a breach. Klarna boasted about their standards as “According to GDPR standards, only non-sensitive data was exposed. However, we recognize that what is deemed non-sensitive is very individual, and we set our own standards higher than GDPR.” Klarna has taken down the app offline, saying it’s under maintenance and be working on it.