FCA apologises after confidential data breach
The FCA has referred itself to the Information Commissioner’s Office after admitting a data breach mistake which could have exposed the names of complainants.
The watchdog says that in November in response to a Freedom of Information Act request it may have revealed “confidential information” which could have identified complainants.
The FCA says it will apologise to anyone whose details were exposed and has taken steps to ensure there is no repeat.
The body said the FOI response related to the number and nature of new complaints made against the FCA and handled by the Complaints Team between 2 January 2018 and 17 July 2019.
The FCA said today in a statement that as soon as it became aware of the breach it removed the data from its website.
It said: “We have undertaken a full review to identify the extent of any information that may have been accessible. Our primary concern is to ensure the protection and safeguarding of individuals who may be identifiable from the data.”
It added: “In many instances, the extent of the accessible information was only the name of the person making the complaint, with no further confidential details or specific details of their complaint.
“However, there are instances where additional confidential information was contained within the description of the complaint, for example an address, telephone number, or other information.
“Where this is the case, we are making direct contact with the individuals concerned to apologise and to advise them of the extent of the data disclosed and what the next steps might be.”
“We have taken immediate action to ensure this cannot happen again. We have referred the matter to the Information Commissioner’s Office.”
The regulator said no financial, payment card, passport or other identity information were included.