Companies House Glitch Exposes Business and Director Data to Unauthorized Users

1-Minute Brief

A Companies House IT update caused a glitch exposing business and director data to unauthorized users.

Key Facts

• A Companies House WebFiling bug allowed users to access other companies’ details by using the browser back key.
• Residential addresses of business directors were among the data exposed.
• Millions of UK businesses were affected by the security flaw.
• The glitch allowed logged-in users to view and edit other companies' details without consent.
• Companies House attributed the issue to an IT update five months ago.

What Happened

A security flaw in Companies House's WebFiling service enabled users to access and edit details of other companies, including directors' residential addresses, due to a bug linked to an IT update.

Why It Matters

The exposure of sensitive business and personal data raises concerns about data security and privacy for millions of UK businesses and their directors. It highlights potential risks in digital government services.

What's Next

Firms have been urged to check their records for unauthorized changes. Companies House may face further scrutiny over its IT systems and data protection measures.