Yes, those people not affected at all by the issue must have hated that, but if you think the email looked suspicious then it means you saw it and you have been reading about it here
Feels to me like a bit too close to concern trolling for comfort
Yes, because nothing looks more legit than a text message telling me to change my PIN…
For what it’s worth, you’re likely going to get compensation. The message you sent shows it’s been raised with the Customer Advocacy Team on your behalf, which in my experience, always pays out a token £15-50 for inconveniences like this.
You’ll get an email soon saying they’re taking this as a formal complaint.
They’re being open and honest about it… so what I’m saying doesn’t change… ultimately you have to either change your PIN, or (unlikely, but) risk one of their employees committing fraud on your account, having to go to court, waste a LOT of time rectifying everything.
I haven’t seen anyone being forced to change their pin? are accounts being frozen? Apps locked? Cards not working? Nope, didn’t think so, you are strongly advised to make a change, but not being marched to the ATM to do it
Have they? I haven’t read that. How did the PINs get saved in log files?
Exactly so Monzo would refund very quickly as it would become very expensive for them to pay court costs for both parties.
If it happened to multiple customers it quickly becomes thousands and hundreds of thousands if not millions.
That cartoon strip will never let us down
That little doggo is the hero that Monzo deserves, but not the one it needs right now…
Off later to change the PINs on my cards
Less than mega delighted, but trying to look on it in the same way I did last year when I changed every web password I had to something unique and unguessable…
And not indemnified against any future fraud. Current, joint, savings and business accounts with Monzo. They may not be marching me to the ATM, the risk may be very small, but… If it were to happen and I got cleared out, I don’t fancy taking my chances in court when they’ve explicitly told me they won’t offer an indemnity.
So, the conclusion I draw from that is I am effectively forced to change my PIN or leave Monzo.
How does anything ever get saved in a log file? Someone coded it that way, for reason or reasons I could speculate on but, yes, are currently unknown. The fact that it got into the production environment, as you said yourself “… points to processes that aren’t robust enough.” I agree."
As for your subsequent comment, “I’ve said it many times, this type of error just shouldn’t be possible for a bank.”, unfortunately anything is possible where humans are involved.
I’m sure there’ll be a full internal review and another gap will be closed. I’m not excusing this, but I’ve worked in IT for long enough to know that, just like me, other individuals and organisations are not infallible.
But they haven’t explicitly told anyone else this. Which, for me, is more worrying than the fact that this whole issue happened.
See the in-app chat message in a previous post of mine. I’ve fed back that I believe the current message about indemnity is not clear enough.
Off-topic: I always have to do a double-take on your username. Some kind of word-blindness always results in me seeing a different word…
This is what I find strange. Why haven’t Monzo forced a PIN reset to everyone affected, rather than just suggesting that it might be a good idea.
Presumably because that would catch out 480k people & leave them unable to use their card until they reset their PIN.
But by not doing it, it suggests it’s a non-issue. But the message that @projectfortytwo had from COps suggests otherwise. It’s a mixed signal from Monzo.
Doing a force reset, while frustrating, would be seen as doing something proactive, rather than the pretty weakly worded email.
The cost (impact on users) would significantly outweigh the benefit.
I’d be more annoyed if I was forced to have a new PIN tbh. 
Yes. I get that you’ve been told this by Monzo.
All I’ve been told is that I should change my PIN, with no sense of urgency or timescale given. I was also told that, if I was abroad, to do it when I get back to the UK. Which suggests that there’s no urgency.
My suspicion is that you’ve stumbled across an over zealous COp. But I fully understand your disgruntlement 
Regards,
The Devil Incarnate. (If I’m guessing right).
