The FCA has admitted that it has committed a data breach as it accidentally published names and contact details of people who made complaints to the watchdog.

The confidential details were revealed in response to a Freedom of Information request last year.

It has only recently been made aware of the breach which took place between January 2018 and July 2019.

It says: “The FCA was recently made aware that, in a response to a Freedom of Information Act request published on our website in November 2019, certain underlying confidential information may have been accessible.

“The response related to the number and nature of new complaints made against the FCA and handled by the complaints team between 2 January 2018 and 17 July 2019. 

“The publication of this information was a mistake by the FCA.”

The regulator says it removed the information as soon as it was made aware of the issue.

It says it has carried out a full review to establish what information was shared.

It adds: “Our primary concern is to ensure the protection and safeguarding of individuals who may be identifiable from the data.

“In many instances, the extent of the accessible information was only the name of the person making the complaint, with no further confidential details or specific details of their complaint.

“However, there are instances where additional confidential information was contained within the description of the complaint, for example an address, telephone number, or other information.

“Where this is the case, we are making direct contact with the individuals concerned to apologise and to advise them of the extent of the data disclosed and what the next steps might be.”

No financial, payment card, passport or other identity information were included, it says.

The FCA says it has referred the matter to the Information Commissioner’s Office and taken steps to ensure it cannot happen again.