The Financial Conduct Authority data breach- one year on

In February last year, the Financial Conduct Authority data breach hit the news after the regulator was forced to admit that it had inadvertently exposed confidential consumer information.

The breach represented a humiliating blunder for the FCA, a government watchdog that regulates the UK financial services sector.

Indeed, as an authority that frequently investigates the security and data handling of other organisations, there was an embarrassing irony to the incident for the FCA. Although the data breach took place a year ago, any affected victims may still be eligible to claim compensation. We are still taking on claims, so contact us for advice about your potential claim.

What happened?

On 25^th February 2020, the FCA released a statement regarding an accidental publication of personal data on their website. The FCA, when responding to a request made in accordance with the Freedom of Information Act, intended to publish information relating to complaints made to it by consumers, but also failed to anonymise the data. As such, they accidentally included the names, addresses and phone numbers of some of the complainants. The complaints detailed in the response were made between 2^nd January 2018 and 17^th July 2019.

Fortunately, the FCA stated that no financial or identity data had been included in the disclosed information (e.g. payment cards or passports). Yet the Financial Conduct Authority data breach still exposed information designed to be kept confidentially, even in those instances in which only names were revealed.

Claiming compensation for the Financial Conduct Authority data breach

In response to the breach, the FCA reported the matter to the Information Commissioner’s Office for investigation. The FCA stated that it would make direct contact with anyone who has been affected by the accidental data publication.

Despite professing that “immediate action” had been taken, the FCA cannot be so easily forgiven for the errors made, particularly given that they have previously undertaken investigations into data security at other organisations. For instance, the FCA fined Tesco Bank £16.4m in 2018 after judging that the bank had failed to protect customer data, a fact that makes their own data breach somewhat ironic as a serious breach of their responsibilities.

We believe that the reputational damage may not be enough to satisfy victims that substantial improvements have been made since the Financial Conduct Authority data breach. So, in order to hold the FCA accountable, those affected by the data breach could be eligible to make a compensation claim for any harm or damage suffered. This could include damages for both the distress victims faced following the breach, as well as any financial losses or expenses that may have been provoked.

Make a data breach claim

The Financial Conduct Authority data breach saw the authority of the regulator seriously questioned after failing to protect personal data. When an organisation with such important data protection responsibilities contravenes data protection law, it is a damning indictment of the general carelessness towards data security which continues to affect the UK.

If you were notified of your involvement in the Financial Conduct Authority data breach, you still have time to make a claim. Contact us for free, no-obligation advice to ensure you don’t miss out on any potential chance to claim.

Data for sale online

Claims for the Robert Dyas data breach