Testing times for Halifax web service.

Inadequate software testing seems to be at fault for last week's security breach at Halifax's online share dealing service. The service was suspended last Friday after customers accessing the system were shown details of other people's accounts.

The problem followed system modifications and testing on Thursday night by Halifax's software supplier TCA Synergo. TCA claims that its software handles 25% of UK private share dealings. Its customers include investment bank Charles Schwab and Barclays Stockbrokers.

'If serious faults get through testing, then the testing isn't thorough enough,' said Graham Titterington, a senior analyst at researcher Ovum.Trevor Eddolls, an analyst at researcher Xephon agreed. 'It seems a bit crass to implement a change before the system has been tested properly,' he said.

Sue Concannon, Halifax's share dealing managing director, said the problem was unpredictable. 'The error was due to a combination of factors that the system hadn't seen before,' she said. A spokesman for TCA said Halifax has implemented 'additional controls' following the fault.

Concannon conceded that similar situations could be avoided as companies gain more experience in ecommerce. 'What we've learned is that some of these system issues are very complex,' she said. 'We need to find a better way to look at unusual circumstances.'

Halifax says the fault affected around 10 customers, but said no erroneous trades were carried out. The service resumed this week.

However, Halifax customer James McCloud, who saw another customer's account details as well as information on stock purchases, remains unconvinced. He plans to change his account, move his portfolio, and cancel all standing orders and direct debits.

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!