FCA admits revealing personal details of 1,600 consumers in data breach

The City watchdog has admitted mistakenly publishing the details of around 1,600 consumers who complained about it in an embarrassing data breach.

The Financial Conduct Authority (FCA) revealed the personal details of complainants on its website in response to a Freedom of Information request, meaning the data was accessible by anyone between November 2019 and February this year.

Data leaked included names of complainants and, in some cases, other confidential details were shown, such as their addresses, telephone numbers and the nature of their complaint.

Governor of the Bank of England
Governor of the Bank of England

The regulator said no financial, payment card, passport or other identity details were included.

It removed the information as soon as it became aware of the breach and said it is making direct contact with complainants whose personal details were exposed to apologise and advise them of the next steps.

The breach related to those people who made a complaint against the FCA between January 2018 and July 2019.

The FCA said it has “taken immediate action to ensure this cannot happen again” and has also reported the breach to the Information Commissioner’s Office (ICO).

The FCA said: “We have undertaken a full review to identify the extent of any information that may have been accessible.

“Our primary concern is to ensure the protection and safeguarding of individuals who may be identifiable from the data.”