Click to Skip Ad
Closing in...

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

If you use this popular shopping app, your personal data might’ve been exposed

Published May 31st, 2021 4:00PM EDT
Data breach
Image: terovesalainen/Adobe

Internet commerce has exploded over the past year as a result of the coronavirus pandemic, which confined millions of people around the world to their homes for months on end in addition to shuttering all kinds of shops and commercial enterprises. That forced consumers to rely more than ever on the delivery of goods to their homes that they were unable to pick up in person — a boon, of course, for Internet giants like Amazon.

An Internet behemoth like Amazon, of course, is able to handle an influx of new customers and all the commercial and security imperatives that come in tandem with that influx. Smaller companies, apparently, not so much. Case in point: The Swedish fintech company Klarna acknowledged a data breach in recent days, one that inspired users of the company’s buy now pay later service to flock to social media and complain that they’d somehow gotten access to strangers’ personal data.

For example, one Twitter user fretted at the end of last week that, because she was able to log on to her Klarna account but saw someone else’s information, it could mean that someone else might be logging on and seeing her own personal data:

In a company blog post penned by Klarna co-founder and CEO Sebastian Siemiatkowski, he noted that the security issue is now resolved and only affected no more than 9,500 of the company’s app users.

“The bug led to random user data being exposed to the wrong user when accessing our user interfaces,” he explains. “It is important to note that the access to data has been entirely random and not showing any data containing card or bank details (obfuscated data was visible). Even though GDPR would classify the information visible as ‘non-sensitive,’ for Klarna all data is important. We are taking this incident very seriously and we will work tirelessly to regain the affected consumers’ trust.”

It was discovered that an update introduced the error into the company’s systems, with Klarna stressing that human error caused this bug as opposed to an external breach of some kind.

Of course, this counts as a potential data breach, because as the Twitter thread shows above, some Klarna users were apparently able to see information associated with other users — information that could potentially be exploited for malicious purposes. “Oh dear … I can see all the information they provided including stored bank details, addresses, phone numbers, purchases etc.,” the Klarna user explains in that Twitter thread, referring to other customer data that was apparently able to be seen. “This doesn’t look good.”

Related coverage:

Andy Meek Trending News Editor

Andy Meek is a reporter based in Memphis who has covered media, entertainment, and culture for over 20 years. His work has appeared in outlets including The Guardian, Forbes, and The Financial Times, and he’s written for BGR since 2015. Andy's coverage includes technology and entertainment, and he has a particular interest in all things streaming.

Over the years, he’s interviewed legendary figures in entertainment and tech that range from Stan Lee to John McAfee, Peter Thiel, and Reed Hastings.