The Financial Conduct Authority (FCA) is a regulator that monitors the activity of financial services firms in the UK. Despite this authoritative position, the FCA has fallen foul of data laws, and was reportedly responsible for three major data breaches in 2020 alone. The three FCA data breaches in question were acknowledged following a Freedom of Information request (FOI) that was made by a media outlet, but the full details of the incidents were not expanded upon.
Regardless of the exact circumstances of incidents such as these, it is concerning to learn that personal information looks to have been exposed by the FCA. In its regulatory capacity, the FCA actually investigates businesses that have been responsible for data breaches, so its own reported failure to comply with data protection law could undermine the authority it should have over the organisations it regulates.
Given the sensitive information it holds about consumers and businesses, the FCA should have an advanced level of data security, but it seems to have failed in this responsibility on some occasions. When information is exposed by data controllers, they can be held accountable in accordance with the law. So, if you have been affected by a data breach, you could be entitled to make a compensation claim.
FCA data breaches – how can the regulator compromise data security?
FCA data breaches can result in the exposure of data to the public or other unauthorised users. The FCA was reportedly unable to give too much information in respect of those involved in the FOI, but one incident is understood to have been involved in was already reported in the media in 2020.
This one, from February 2020, is about the FCA reportedly having leaked the information of approximately 1,600 complainants who previously expressed dissatisfaction with the regulator. Over half of those affected are understood to have had their names exposed, and the rest also had addresses and phone numbers published. The humiliating error was made when the FCA responded to a FOI request for information, as whoever fulfilled the request appears to have failed to anonymise the data.
Data protection at the FCA
FCA data breaches undoubtedly raise concerns about the ability of the regulator and its employees to protect the personal information it is responsible for protecting. In fact, concerns have been raised previously when a Freedom of Information request reportedly showed that there may be a deficit of cybersecurity skills at the FCA. This is despite the fact that it is understood that thousands of employees received training on information security in recent years.
Data breach claims for victims
The FCA data breaches show that even organisations that appear to be authoritative and responsible can be capable of putting personal information at risk. If you have been affected by a leak of confidential records like those caused by the FCA, you may be able to pursue a data breach claim.
At Your Lawyers (t/a The Data Leak Lawyers), our leading expertise in data breach claims allows us to fight for the compensation that our clients deserve. We have held some of the biggest companies to account for breaching data protection law, including in our ongoing group actions against British Airways, Virgin Media and Equifax.
You can contact our team for free, no-obligation advice today to find out if you could be eligible to make a data breach compensation claim.