Information Commissioner's Office

  1. City watchdog in major data breach

    FCA building

    The City watchdog has admitted this morning that it revealed the confidential details of consumers on its website in a data breach last year.

    In a statement the Financial Conduct Authority said it had referred itself to the Information Commissioner’s Office over the incident in November 2019.

    It mistakenly published details of people who had made a complaint to the regulator between January 2018 and July 2019.

    In some instances the confidential details included names, addresses, telephone numbers and also the nature of the complaint.

    The FCA said: "As soon as we became aware of this, we removed the relevant data from our website. We have undertaken a full review to identify the extent of any information that may have been accessible.

    "Our primary concern is to ensure the protection and safeguarding of individuals who may be identifiable from the data."

  2. Dixons Carphone fined £500,000 for data breach

    Exterior of Carphone Warehouse store

    Dixons Carphone has been fined £500,000 for a huge data breach which revealed the personal names, postcodes, email addresses and failed credit checks of 14 million people.

    The Information Commissioner's Office (ICO) found that 5.6 million payment card details were also compromised during the cyber attack between July 2017 and April 2018.

    Carphone Warehouse, which is part of the same group, had previously been fined £400,000 for a similar data breach in 2015.

    Dixons Carphone Chief Executive, Alex Baldock, said: “We are very sorry for any inconvenience this historic incident caused to our customers. When we found the unauthorised access to data, we promptly launched an investigation, added extra security measures and contained the incident. We duly notified regulators and the police and communicated with all our customers. We have no confirmed evidence of any customers suffering fraud or financial loss as a result.

    "We have upgraded our detection and response capabilities and, as the ICO acknowledges, we have made significant investment in our Information Security systems and processes.

    "We are disappointed in some of the ICO’s key findings which we have previously challenged and continue to dispute. We’re studying their conclusions in detail and considering our grounds for appeal.”