Rudder is a personal finance web service that tracks your finances and emails you updates each morning to give you a summary of your current financial situation. Sounds nice? It is until they start emailing people other users’ financial information. Oops!
Apparently Rudder made a bit of a slip (ok, a huge slip) yesterday (5/19/09) when it emailed a large number of users the financial information of other people in their system. According to TechCrunch, one woman received around 300 emails containing the financials of other users.
What Does This Mean for Rudder?
Now, before we all throw our arms in the air in disgust let me be clear on something. The only information that the emails contained were the balances in the users accounts. From what I’ve read, there were no bank account numbers, social security numbers, passwords or other sensitive information shared. Essentially you only got to see what some stranger in New York had in their bank.
End of the world? No. Cause for concern? Sure.
The main cause for concern that I see with this mishap is simply the fact that a company that deals with people’s financials made a mistake and the security wasn’t as tight as it should have been.
Of course, this is going to be a disaster for Rudder. When it comes to peoples finances, you simply can’t afford any lack of trust. Only time will tell if Rudder will be able to pull out of this mess and stay afloat.
Should We Worry About Other Services?
Some have raised the question of whether or not we can trust other services similar to Rudder with our financial information. Just because one company wasn’t as careful with their security does not mean that others will be as well. I have no reason to believe that other services such as Mint, Wesabe, etc. haven’t done all that’s necessary to ensure the privacy and security of your information.
If fact, in light of this Rudder slip up, I’m sure other companies will now be even more diligent in their security practices.