Fintech/News/ Klarna battles serious data breach, with reports of leaked user info The Buy Now Pay Later giant is battling a tech error, which compromised some user information By Isabel Woodford 27 May 2021 Klarna acquires price comparison site Pricerunner to add features in its buy now pay later app. Klarna acquires price comparison site Pricerunner to add features in its buy now pay later app. \Fintech 'The time is now': Monzo searches for US CEO to double down on expansion By Amy O'Brien 9 February 2023 Fintech/News/ Klarna battles serious data breach, with reports of leaked user info The Buy Now Pay Later giant is battling a tech error, which compromised some user information By Isabel Woodford 27 May 2021 Consumers have raised the alarm after user information was mistakenly leaked at Klarna, Europe’s largest private fintech. The company, which is reportedly in the throes of closing a deal valuing it at $40bn, came under fire on Thursday after users complained they were being accidentally logged in as other people, given them access to strangers’ personal information. That included randomised postal addresses and past purchases. Partial card details were also exposed, according to one tweet. Each time I tried to log in to my @Klarna account this morning, I’m on someone else’s account? Does this also mean someone else might currently be my on account? What the hell is going on?!! @AskKlarna pic.twitter.com/hqimF2zx7S — esra efe laborde (@esraefe) May 27, 2021 Klarna responded by temporarily locking down its app services, and said a technical error was to blame. The company, which is headquartered in Sweden, now boasts over 90m users worldwide, and saw app downloads grow at pace last year both in Europe and the US. The reports of data leaks were a blow to the fintech darling which has scooped up increasing amounts of investor cash and is being wooed by regulators across the continent for a potential initial public offering. Still, the fintech isn’t the first fast-growing European startup to face data troubles. An IT collective in Germany raised alarm bells earlier this month about delivery startup Gorillas, which is reported chasing a $6bn valuation. The group found weaknesses in its data security and were able to access sensitive customer information. Not a hack Klarna issued a statement Thursday that stressed the incident was not an external attack. It also initially stated that up to 90,000 app users had been affected but later reduced that number to a maximum of 9500. The statement, penned by CEO Sebastian Siemiatkowski stated there had been a “self-inflicted incident, that for 31 min affected not more than 9,500 of [its] app users. He added “that a human error caused the bug and it was not an external breach of [the company’s] systems.” “It is important to note that the access to data has been entirely random and not showing any data containing card or bank details (obfuscated data). Even though GDPR would classify the information visible as ‘non-sensitive’, for Klarna all data is important. We are taking this incident very seriously and we will work tirelessly to regain the affected consumers’ trust,” the statement said. A spokeswoman for the company also clarified that the data was “was not actionable upon”, from a regulatory perspective. It’s unknown if the breach affected just the UK. This article was updated on Friday, 28 May to reflect a revised number of users affected and to include a statement from a Klarna spokeswoman. Related Articles Sequoia accelerator alum Fides raises $4.3m seed By Amy O'Brien Click here to read more Top dog from LVMH joins French crypto startup Ledger By Marie Mawad in Paris Click here to read more Say hello to Klarna’s little brother — B2B BNPL By Amy O'Brien Click here to read more It’s not all over for incumbent banks — or their fintech friends Sponsored by Microsoft Click here to read more Most Read 1 \Healthtech Is Daniel Ek’s new body scanner worth the hype? Sifted tried it out 2 \Venture Capital VC diversity needs to change — and white men need to take responsibility 3 \Venture Capital New €3.75bn European Investment Fund pot to back late-stage VCs 4 \Sustainability Counteract closes £15m fund for carbon removal solutions 5 \Mobility Was the $5bn that VCs plugged into escooters worth it?
It’s not all over for incumbent banks — or their fintech friends Sponsored by Microsoft Click here to read more