UK-based digital mobile-only bank Monzo asked 480,000 of its customers to change their debit card PINs after discovering that they were stored in encrypted log files. Engineers at Monzo have access to these log files as part of their job. Monzo says that the exposed customers’ information was immediately deleted and measures were taken to make it impossible for any of the employees to access it. The bank says that no information has been exposed outside Monzo, and this data hasn’t been used for fraud.
Source: https://www.bleepingcomputer.com/news/security/monzo-asks-clients-to-reset-pins-after-exposure-to-employees/