In early April 2026, a data leak affecting approximately 450,000 Lloyds Banking Group customers was reported, with details emerging in DataBreachToday’s weekly breach roundup. Lloyds Banking Group is the UK’s largest domestic bank by assets, serving approximately 30 million customers across its brands including Lloyds Bank, Halifax, and Bank of Scotland. The exposed records contained personal and financial customer information; exact data types were not confirmed at time of initial reporting. Lloyds Banking Group is regulated by the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) in the UK, and is required to notify the UK ICO under GDPR/UK GDPR within 72 hours of becoming aware of a breach likely to result in risk to individuals. The incident occurred during a period of heightened UK financial sector cyber activity in 2026. Previous notable UK banking incidents include the TSB IT migration disaster (2018), and various credential stuffing attacks against online banking platforms. A breach at Lloyds — as the UK’s largest retail bank — carries significant systemic risk concerns given the institution’s scale and the sensitivity of financial data for nearly a quarter of the UK population.