Human error during a planned system update led to the leaking of protected address data of Danske bank customers to outsiders.
Editorial
This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.
During a period of three months in 2025, the coding error led to protected addresses being visible to recipients of domestic payment transactions as part of the payment details in Denmark.
The bank says: “The issue occurred despite multilayered technical and organisational controls being in place. When the issue was identified in October 2025, a correction was deployed immediately, and we initiated an investigation to determine the scope and root cause of the issue.”
All told some 20,600 customers had their personal addresses leaked.
Says the bank: “Since identifying the issue, we have performed several reconciliation exercises and implemented controls to ensure our processes are operating correctly and further integrated regular controls, alongside organisational and technical measures to further reduce the risk of similar incidents occurring in the future.”
