Security Flaw Briefly Closes Barclays Online Bank

A security breach apparently caused by a software upgrade forced Barclays Bank in London to close its online service on Monday after four customers reported that they were able to view summaries of other customer accounts.

Customers apparently were not able to do anything other than view the account summaries of other bank clients. The bank temporarily shut the online service, but brought it back up within a few hours after rolling back the problematic upgrade, according to a Barclays statement.

"Barclays views this compromise in the security and integrity of its online service as unacceptable -- security of customer information is paramount," the written statement released on Monday said.

The flaw was reported by four of the 85,000 customers who used the online service Monday morning. Those four contacted the bank help desk to alert them to the problem.

Although the bank appears to have reacted swiftly, the risk to consumers of such security glitches is slight, said Alan Paller, director of the SANS Institute in Bethesda, Maryland. SANS, which stands for System Administration, Networking and Security, is a cooperative research and education organization that enables thousands of computer professionals to share information related to security issues.

Of far greater concern than the Barclays glitch are incidents of threats to larger databases where miscreants access personal data to misuse it or to resell it. Incidents where specific computer systems are targeted by hackers also is a larger threat, Paller said.

"A random event (such as the Barclays incident) isn't any more common than leaving a file out at an office where a delivery person is walking by," he said, adding that the delivery person might inadvertently see the personal information but that occurrence doesn't lead to the information being misused in any way.

A spokeswoman for Barclays did not return telephone messages seeking additional comment and information on the incident.

Barclays, in London, can be reached at +44-171-699-5000 or http://www.barclays.co.uk/. SANS, in Bethesda, can be reached at +1-301-951-0102 or http://www.sans.org/.

Join the newsletter!

Error: Please check your email address.

More about Barclays Global Investors AustraliaSANS InstituteThe SANS Institute

Show Comments

Market Place