The Financial Markets Authority (FMA) has apologised for a privacy breach that resulted in complaints documents being potentially accessible via internet searches.
A preliminary review identified 27 cases in which documents that supported the complaints were accessed via internet searches, with six containing sensitive personal information such as financial information while the rest were either already publicly available or did not include any sensitive information at all.
Rob Everett, chief executive of the FMA, said they immediately rectified the issue once they became aware of it, and reassured the public that any information provided to them was now held confidentially.
“We apologise to those people who supplied us with information and also to the wider public for this error. Their trust and confidence is critical to us,” Everett said.
The FMA first learned about the issue following a media inquiry on October 21 – prompting the regulator to immediately shut down its website to protect all information. It then restored its website on October 23 after confirming that no further confidential information was at risk.
“Our immediate focus was to ensure our systems were secure and to protect people’s information,” Everett said. “We have reviewed what files were uploaded in this way, what information they contained and contacted those people whose sensitive personal information may have been accessed. We are working hard to ensure we get to the bottom of the issue.”
The FMA has contacted those involved to inform them about the issue and advise them of any further steps they should take to protect their information.