Companies House Glitch Exposes Business and Director Data to Unauthorized Users

8d ago1 min readBusiness Technology Legal

In Brief

A Companies House IT update caused a glitch exposing business and director data to unauthorized users.

Key Facts

A Companies House WebFiling bug allowed users to access other companies’ details by using the browser back key.
Residential addresses of business directors were among the data exposed.
Millions of UK businesses were affected by the security flaw.
The glitch allowed logged-in users to view and edit other companies' details without consent.
Companies House attributed the issue to an IT update five months ago.

What Happened

A security flaw in Companies House's WebFiling service enabled users to access and edit details of other companies, including directors' residential addresses, due to a bug linked to an IT update.

Why It Matters

The exposure of sensitive business and personal data raises concerns about data security and privacy for millions of UK businesses and their directors. It highlights potential risks in digital government services.

What's Next

Firms have been urged to check their records for unauthorized changes. Companies House may face further scrutiny over its IT systems and data protection measures.

Sources

The Independent — Companies House reveals IT update five months ago likely cause of major glitch(3h ago)
BBC News — Firms urged to check records after Companies House glitch let others edit data(3h ago)
The Independent — Millions of UK businesses exposed by Companies House security flaw(4m ago)