Klarna says app data bug was “self-inflicted”

Buy-now-pay-later giant Klarna said yesterday’s embarrassing bug which gave some customers access to each other’s account data was its own mistake.

In a statement last night Klarna explained that “a human error caused the bug and it was not an external breach of our systems.”

The bug, which was only live for 31 minutes according to Klarna, was discovered on social media when Klarna users

“Trust is at the very core of Klarna and banking. This is why we are sad and frustrated to inform you of a self-inflicted incident, that for 31 min affected a small subset of our app users,” wrote CEO Sebastian Siemiatkowski in a blog post explaining what had happened.

After the bug was discovered Klarna disabled it’s mobile app for several hours while it rolled back the changes that it had made, leaving customers unable to access its service.

Some 9,500 users where impacted by the bug, being able to view other customers’ details every time they opened the Klarna mobile app.

“Our customers’ trust and safety are our top priority, which makes situations like these extra important to us,” said Siemiatkowski, who added that work was continuing to understand exactly how a bug like this managed to go live.

UPDATE 28-05-2021 - Klarna initially reported 90,000 customers had been affected by the bug, however this was later revised down to 9,500.