What's happened
A bug in the UK’s corporate register exposed over five million companies’ data for five months. Experts warn this could enable fraud, impersonation, and data theft. Companies House is investigating, and authorities have been notified. Business owners are advised to review their details for any suspicious changes.
What's behind the headline?
The breach highlights systemic weaknesses in UK digital infrastructure, especially in public sector data management. The fact that over five million companies’ information was accessible for months indicates inadequate security controls and oversight. This incident will likely accelerate calls for stricter cybersecurity standards and audits for government databases. Criminals could exploit this data for impersonation, fraud, or corporate espionage, especially targeting larger firms with more sensitive information. The response from Companies House, including self-reporting to authorities and promising system improvements, is crucial but must be transparent and thorough. The incident underscores the importance of continuous security testing and rapid incident response in safeguarding digital assets. The potential for long-term damage to trust in UK digital services is significant, and authorities will need to restore confidence through clear communication and robust safeguards.
What the papers say
The Independent reports that the breach was caused by a bug in the UK’s corporate register, which was only addressed after five months. Experts warn that this vulnerability could be exploited for fraud and impersonation, with criminal actors potentially changing company details or uploading false documentation. The article emphasizes the importance of reviewing company data and highlights the systemic issues in public sector cybersecurity.
The Guardian details the incident where customers of Lloyds, Halifax, and Bank of Scotland experienced viewing other people's transactions and account details due to a technical glitch. The banks confirmed the issue was quickly resolved, but the event raised concerns about the security of digital banking channels. The articles from Reuters and The Independent also discuss the ongoing investigations and the regulatory scrutiny, with the Treasury Committee demanding detailed explanations from Lloyds about the incident.
Contrasting opinions suggest that while the banks acted swiftly to resolve the app glitch, the broader systemic vulnerabilities in UK banking and public sector systems remain unaddressed. Critics argue that these repeated outages and data breaches reflect a failure to implement resilient cybersecurity measures, which could have severe consequences if exploited maliciously. The authorities’ response, including investigations and regulatory oversight, will be pivotal in determining whether systemic reforms will follow.
How we got here
The breach was caused by a software bug in the UK’s Companies House system, which was reported on March 17, 2026. The vulnerability allowed unauthorized viewing and editing of company data, including names, addresses, and dates of birth. The issue persisted for five months before being identified and addressed. This incident follows a pattern of systemic vulnerabilities in UK financial and public sector digital infrastructure, which have seen multiple outages and security lapses over recent years.
Go deeper
Common question
-
Are My Bank Details Safe After the Recent Data Glitch?
A recent technical glitch in UK banks like Lloyds, Halifax, and Bank of Scotland temporarily exposed some customer data. Many are wondering if their personal and financial information is now at risk. In this page, we'll explore what happened, whether your details are safe, and what steps you should take if you're concerned about data security after this incident.
-
Is Your Digital Banking Safe After Recent Glitches?
Recent technical issues in UK banking apps have raised concerns about data security and system reliability. Customers experienced brief data leaks, prompting questions about how secure digital banking really is and what banks are doing to protect your information. Below, we explore the causes of these glitches, how safe digital banking remains, and what steps you should take if you encounter problems.
-
What Caused the Lloyds App Glitch and Is Online Banking Safe Now?
Recently, Lloyds Banking Group experienced a significant app glitch that exposed customer data, raising concerns about digital security and the safety of online banking. Many wonder what caused this issue, whether it could happen again, and what banks are doing to protect their customers. Below, we explore the details of the incident and answer common questions about banking app glitches and data security.
More on these topics
-
Lloyds Banking Group plc is a major British financial institution formed through the acquisition of HBOS by Lloyds TSB in 2009.
-
The Bank of Scotland plc (Scottish Gaelic: Banca na h-Alba) is a commercial and clearing bank based in Edinburgh, Scotland, and is part of the Lloyds Banking Group. The bank was established by the Parliament of Scotland in 1695 to develop Scotland's trade
-
Charles Alan Nunn is a British banker and former management consultant, and the chief executive of Lloyds Banking Group since August 2021.
-
Dame Margaret Olivia Hillier (born 14 February 1969), known as Meg Hillier, is a British Labour and Co-operative politician who has been the Member of Parliament (MP) for Hackney South and Shoreditch since 2005. Hillier was a junior government minister...