Lloyds outage raises questions over data breach risk
Associate Stephen Cartwright comments on the potential regulatory implications following reports that a technical issue at Lloyds Bank briefly exposed customer financial information, in City AM.
"Lloyds is likely to face close scrutiny from both the ICO and the FCA, as unintentionally exposing customers’ transaction histories can amount to a personal data breach under UK GDPR.
"Regulators will examine how the glitch occurred, whether Lloyds had appropriate technical and organisational measures in place, and what remedial steps are being taken to prevent a recurrence. If systemic shortcomings are identified, the incident could trigger enforcement action and potentially a significant fine of up to £17.5 million or 4% of global annual turnover, whichever is higher.
"Consumers will rightly expect swift, transparent action to restore confidence in Lloyds’ ability to safeguard their financial data."
An extract of Stephen’s comments was published in City AM, 13 March 2026.
