FCA admits to freedom of information data breach
The Financial Conduct Authority (FCA) has admitted to a data breach which saw confidential information accidentally made publicly available.
The UK regulator said that as soon as it became aware of the mistake all relevant data was removed from the website.
The regulator confirmed information linked to a freedom of information (FoI) request published in November last year "may have been available" and the publication of this data was the fault of the FCA.
We have undertaken a full review to identify the extent of any information that may have been accessible"
The FOI response related to the number and nature of new complaints made against the regulator and handled by its Complaints Team between 2 January 2018 and 17 July 2019.
The statement said: "We have undertaken a full review to identify the extent of any information that may have been accessible." It added its "primary concern" was to ensure the protection and safeguarding of individuals who could be identifiable from the data.
"However, there are instances where additional confidential information was contained within the description of the complaint, for example, an address, telephone number, or other information.
"Where this is the case, we are making direct contact with the individuals concerned to apologise and to advise them of the extent of the data disclosed and what the next steps might be."
The FCA confirmed that "no financial, payment card, passport or other identity information" were included within the data. It said it has taken "immediate action" to ensure this will not happen again and has referred the issue to the Information Commissioner's Office.
This article was first published by Professional Adviser, a sister publication to International Investment.
