Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Companies House Security Issue: UK Firms Urged to Check Details

The flaw exposed sensitive details like dates of birth and addresses to logged-in users and was fixed after being introduced in October 2025.

  • On Monday, Companies House restored its WebFiling service after resolving a security flaw that allowed logged-in users to access and edit private data belonging to other firms.
  • An internal investigation suggests the glitch originated during a WebFiling system update in October, remaining undetected until John Hewitt, director of operations at Ghost Mail, identified the vulnerability on Thursday.
  • The bug exposed data for 5 million companies, potentially allowing users to access directors' residential addresses, dates of birth, and company emails through repeated browser back-button presses.
  • Companies House CEO Andy King apologized for the incident and reported it to the Information Commissioner's Office and National Cyber Security Centre, confirming that passwords remained secure.
  • King vowed to take "firm action" if evidence of misuse emerges, while the agency emails businesses with guidance on checking their registered details for unauthorized changes.
Insights by Ground AI
Podcasts & Opinions

13 Articles

GB NewsGB News
Lean Right

'Astonishing' Companies House data breach exposed millions of director's private information for months

A significant security vulnerability in the Companies House WebFiling system may have left the personal details of millions of UK company directors exposed for approximately five months, it has emerged.The flaw, which was introduced during a system update in October 2025, potentially allowed logged-in users to view and modify other firms' confidential information without authorisation.Sensitive data including residential addresses, dates of birt…

·London, United Kingdom
Read Full Article
The IndependentThe Independent
Lean Left

Millions of UK businesses exposed by Companies House security flaw

Residential addresses of business directors among the data exposed

·London, United Kingdom
Read Full Article
Evening StandardEvening Standard
Reposted by
perspectivemedia.comperspectivemedia.com
Center

Companies House reveals IT update five months ago likely cause of major glitch

A bug in its WebFiling service allowed users to access other companies’ details by pressing the back key on their web browser.

·London, United Kingdom
Read Full Article
BBC NewsBBC News
Center

Companies House security issue: UK firms urged to check details

The glitch meant logged-in users could view and edit other companies' details without their consent.

·United Kingdom
Read Full Article
The RegisterThe Register
Center

UK's corporate registry fixes data exposing technical error

: Back button blunder in WebFiling service run by Companies House revealed confidential paperwork

Read Full Article
IT PROIT PRO

'The latest in a series of public sector data disasters': Cyber experts hit out at Companies House security fiasco

Cybersecurity experts have called for an overhaul of public sector security processes after a Companies House flaw left thousands of businesses at risk.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 50% of the sources are Center
50% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

City AM broke the news in London, United Kingdom on Monday, March 16, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Data Breaches icon

Data Breaches

United Kingdom icon

United Kingdom

Cybersecurity icon

Cybersecurity

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal