FCA Admits Revealing Customers’ Details

As reported by BBC News, the Financial Conduct Authority (FCA) has admitted that it inadvertently published online the personal data of people who made complaints against it. The UK’s City watchdog said the names of the complainants, along with some addresses and telephone numbers, were accessible.

It will contact the most affected people to apologise and offer advice on next steps, it said. The watchdog added it had referred itself to UK privacy authorities. The personal information was published in November in response to a Freedom of Information request as part of a spreadsheet. The watchdog discovered the incident in early February, and immediately removed the data. The publication of this information was a mistake by the FCA.

Experts Comments

February 26, 2020
Piers Wilson
Head of Product Management
Huntsman Security
To see the FCA having to refer itself to the ICO shows how easy data can be exposed through human error. In this case it is the inadvertent sharing of a FOI response with personal data contained within it, but it can also happen through deliberate or careless sharing of spreadsheets, data sets or documents, or the transmission of emails to wrongly addressed recipients. No matter what an organisation does, or how much experience it has in security and privacy mistakes can happen. These can be.....Read More
To see the FCA having to refer itself to the ICO shows how easy data can be exposed through human error. In this case it is the inadvertent sharing of a FOI response with personal data contained within it, but it can also happen through deliberate or careless sharing of spreadsheets, data sets or documents, or the transmission of emails to wrongly addressed recipients. No matter what an organisation does, or how much experience it has in security and privacy mistakes can happen. These can be when information is intended to be shared but hasn't been sanitised, or when information stored, transmitted or shared in other ways.  Read Less
February 26, 2020
Jake Moore
Cybersecurity Specialist
ESET
Cyber criminals can do some serious damage with a breached database containing personal identifiable information. From identity theft to scams and spam, they will try their luck on what they can and even attempt to gain entry to your accounts using just the email address. An incredibly large amount of people still use predictable or simple passwords, and many people's passwords are also readily available on the dark web thanks to previous breaches, so it quickly becomes a case of joining the.....Read More
Cyber criminals can do some serious damage with a breached database containing personal identifiable information. From identity theft to scams and spam, they will try their luck on what they can and even attempt to gain entry to your accounts using just the email address. An incredibly large amount of people still use predictable or simple passwords, and many people's passwords are also readily available on the dark web thanks to previous breaches, so it quickly becomes a case of joining the dots for the cybercriminals. This risk is then increased due to the fact that many people use the same passwords across multiple accounts. My advice is to use a password manager to store your uniquely different passwords robustly online so you don’t have to remember them all. Implementing 2FA will also help mitigate this risk.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts