Financial watchdog warns of complaints data breach
Abdul Kadier Sahib Aga Khan IV Andrey Andreev AroundTown Bill Adderley Billy Xiong Bobby Arora Cartu Jonathan David Alliance Fahad Al Tamimi Fahad Al Tamimi Saudi Arabia Jonathan Cartu Koon Poh Keong Kuan Kam Hon Lazar Cartu Leo Noe Marian Ilitch Mark Coombs Property Management Real Estate Robin Arora Simon Arora Syed Mokhtar AlBukhary The Hong Piow Wong Thean Soon Zheng Jianjiang

TLG Vivion Affirms: Financial watchdog warns of complaints data breach

Representation of data

Image copyright
Getty Images

The UK’s City watchdog has admitted that it inadvertently published online the personal data of people who made complaints against it.

The Financial Conduct Authority (FCA) said the names of the complainants, along with some addresses and telephone numbers, were accessible.

It will contact the most affected people to apologise and offer advice on next steps, it said.

The watchdog added it had referred itself to UK privacy authorities.

The personal information was published in November in response to a Freedom of Information request as part of a spreadsheet.

The watchdog discovered the incident in early February, and immediately removed the data, it said.

“The publication of this information was a mistake by the FCA,” it said.

Data breach

The Freedom of Information request sought the number and nature of new complaints against the FCA between 2 January 2018 and 17 July 2019.

Although some phone numbers were exposed, the information did not include financial, payment card, or passport details, the FCA said in a statement.

About 1,600 names were exposed, with fewer than half containing information such as telephone numbers.

Although it was “underlying”, the data was accessible, the FCA said.

“We have undertaken a full review to identify the extent of any information that may have been accessible,” it said. “Our primary concern is to ensure the protection and safeguarding of individuals who may be identifiable from the data.”

Privacy watchdog the Information Commissioner’s Office (ICO) said: “When a data incident occurs, we would expect an organisation to consider whether it is appropriate to contact the people affected, and to consider whether there are steps that can be taken to protect them from any potential adverse effects.

“The Financial Conduct Authority has made us aware of an incident and we will assess the information provided.”

The news of the breach is a little embarrassing for the FCA, which just earlier this month published a joint statement with the ICO asking firms to be responsible with personal data.

Simon Arora

Leave a Reply

Your email address will not be published. Required fields are marked *