FCA suffers data breach

FCA suffers data breach

The Financial Conduct Authority (FCA) has admitted to accidentally posting the personal information of an estimated 1,600 people who complained about it on its website.

The FCA has issued a statement which says that in a response to a Freedom of Information Act request published on our website in November 2019, ‘certain underlying confidential information may have been accessible.’

The FCA said: “As soon as we became aware of this, we removed the relevant data from our website. We have undertaken a full review to identify the extent of any information that may have been accessible. Our primary concern is to ensure the protection and safeguarding of individuals who may be identifiable from the data.”

In several instances, the only data provided was the name of the person making the complaint, with no further confidential details or specific details of the complaint listed.



However, the FCA said that there were instances where additional confidential information was contained within the description of the complaint, for example, an address, telephone number, or other information.

Where this is the case, the regulator is making direct contact with the individuals concerned to apologise and to advise them of the extent of the data disclosed and what the next steps might be.

The FCA confirmed that no financial, payment card, passport or other identifying information were included.

The watchdog said it had taken immediate action to ensure this will not happen again and have since referred the matter to the Information Commissioner’s Office.

Share icon
Share this article: