LHV Bank Traces Mass Double-Billing to Decade-Old Code Error
Estonia's LHV Bank has identified a latent "race condition" flaw in code used since 2010 as the cause of a widespread double-charging glitch on January 22nd. After restoring most customer balances, the bank is now warning clients to be vigilant against related phishing scams.
- LHV Bank has identified a "race condition" in its system as the cause of a technical glitch on January 22nd that resulted in customers being double-charged for card transactions.
- The "race condition" is a type of logical error in which security mechanisms failed under heavy load; the flaw was present in a code segment used since 2010.
- By the evening of January 22nd, LHV Bank reported that the account balances of most affected clients had been restored, with the correction of duplicate payments nearing completion.
- LHV Bank advised customers to be vigilant against potential fraudulent calls or emails claiming to be from the bank regarding refunds, emphasizing that no customer action is required for reimbursements.
- The incident, which began for some clients on January 21st, caused confusion and concern regarding the bank's reliability and the security of customer funds.
Recap
The LHV Bank incident reveals a critical vulnerability in financial infrastructure: long-dormant flaws in legacy code can trigger significant operational failures under specific stress conditions. While the bank's rapid response mitigated immediate financial damage, the event underscores the persistent risk of such latent bugs and has shifted the threat landscape to secondary fraud attempts targeting affected customers.