It’s almost midnight and I’m sitting on a public bench on a busy street full of drunk musclehead types and aggressive would-be badasses, many of whom like to start fights. The above-pictured email from Mint.com inspired more fear in my mind than these d-bags ever have or could.
I’ll be honest — I don’t make a habit of donning the tinfoil hat with regard to the security of my various online transactions. I buy things online regularly, often from smaller sites that don’t have the cheddar or the security know-how that, say, Amazon does. Always trusting that if anything goes south, I’ll have adequate recourse with the bank that issued the card I used. People may think this to be a bit naïve, but I haven’t been seriously bitten yet. This Mint thing, though — this is different.
Mint has most of my banking information stored on its servers. I’m talking account numbers, recent activity, access credentials, the whole freaking nine. Getting a series of blank emails from them (and confirming that others received similar messages) kind of freaks me the hell out.
I’m very familiar with Hanlon’s Razor, which says:
“Never attribute to malice that which is adequately explained by stupidity.”
I don’t immediately assume that some nefarious prick is mucking around inside the plumbing of Mint.com, but that’s not the point. Even if it is some dumbass tech who accidentally clicked the “email the planet” button, my faith in the integrity of their service has been called into serious question.
Am I overreacting? Quite possibly. But, you’d be hard-pressed to name another area of life whose privacy and security are of bigger concern to the average person than their dough. Even the slightest possibility that I could wake up tomorrow having been dripped dry is more than enough cause for me to close the ever-loving pudding out of my Mint.com account.
That’s it for this unplanned episode of After-Hours FUD. Do you guys think I’m crazy?
Nope, it’s scared me too. So did you fully close your account? What will you be using for banking instead? I think I’m going to need to switch, but Quicken is so expensive (and now the same company that owns Mint…).
I just got back from my late-night walk and went to Mint.com to do just that, but the site’s down for maintenance. As for where I’ll go, I was never a huge Mint user to begin with, so I’ll probably just stick with my current inefficient habit of visiting a handful of online banking sites individually :)
Ah, I see. So you don’t use any financial applications to do personal bookkeeping?
Not any applications that are specifically geared toward personal finance, no.
Same happened to me, and I immediately changed all banking my passwords. And this is what Mint had to say on Twitter (@mint): “Our sincerest apologies for the blank emails tonight. Our bad. Please disregard. ^sm”
I disregard a lot of small things for web services I find invaluable. I don’t disregard things with significant value, like, say, my financial information.
Yeah, that was the icing for me. I realize they’re probably flogging some third-level sysadmin while hosing off the server that caught on fire, but they have to know that people are going to get a little (read: very) freaked by this.
I don’t understand how you can trust a third-party if your financial data is so sensitive to you?
I do a lot of stuff online, but my important data has to stay *my* data and I have to be 100% sure about it. Call me paranoid, but I think that I have a healthy attitude.
I agree, scary thing to receive. But
“Mint has most of my banking information stored on its servers”
isn’t true. All of that information is stored at Yodlee, the same company that stores the information for Bank of America, PNC Bank, and other major national banks. All Mint does is present a nice front-end to all that data, which isn’t actually stored with them.
Ok, I’ll concede that I obviously don’t know the ins and outs of how Mint works under the hood, but I’d venture to guess that somebody with access to a Mint.com computer might be able to get at more data than most of us would like. Totally tinfoil hat stuff, I admit, but, again, it gives me pause.