Britain’s Financial Conduct Authority (FCA) has admitted an accidental leak of confidential information, including the names and some contact details of people who had made complaints against the watchdog in 2018 and 2019, on its website.
The FCA said on Tuesday, the private data, which may have been accessible following a response to a Freedom of Information request in November, was removed from its website as soon as it became aware of the issue.
It has undertaken a full review to identify the scale and scope of the data breach and has apologized to those individuals affected.
“The publication of this information was a mistake by the FCA,” the watchdog said.
“Our primary concern is to ensure the protection and safeguarding of individuals who may be identifiable from the data,” the FCA said. The watchdog also said that no financial, payment card, passport or other identity information were made accessible.
The Information Commissioner’s Office, the body responsible for investigating and imposing sanctions on organizations found guilty of breaches of sensitive data, said the FCA had reported the incident and it would assess the information provided.
“People have the right to expect that organizations will handle their personal information securely and responsibly. Where that doesn’t happen, people can come to the ICO and we will look into the details,” a ICO spokeswoman said.
The ICO has the power to impose fines of up to 20 million euros, or 4 per cent of a firm’s total global annual turnover.