Companies House faces critical security breach

16 Mar 2026News

Companies House encountered a significant security issue allowing unauthorised users to access sensitive company information

The UK’s Companies House recently faced a serious security issue affecting its WebFiling service. During this incident, which occurred between 1.30pm on Friday, 13 March, and 9am on Monday, 16 March, logged-in users were potentially able to access and modify elements of another company’s details without consent. This raised concerns over the integrity and confidentiality of sensitive information held by the agency.

In a statement published on the Government’s website, Andy King, Chief Executive of Companies House, explained that sensitive data, including dates of birth, residential addresses, and company email addresses, may have been exposed to other logged-in users. Furthermore, the breach could have allowed for unauthorized filings such as accounts or changes of directors on different companies' records.

James Orloff, a corporate and commercial partner at London law firm Spector Constant & Williams, highlighted the gravity of the situation, stating, “The news of the recent security issue affecting the Companies House WebFiling service is extremely concerning for companies and their officers charged with keeping their public information up to date particularly at a time when the role of Companies House is expanding in light of the reforms brought in by the ECCTA regulations. Users’ confidence in the system is paramount." He further cautioned, “It appears that the issue could have made it possible for unauthorised filings, for instance accounts or changes of director, to have been made on another company’s record. All companies should follow the guidance and check their registered details and filing history to make sure everything on their record appears correct.”

In response to the breach, Companies House shut down the WebFiling service to thoroughly investigate, resolve, and independently test the issue. The government has assured the public that measures are being taken to prevent such breaches in the future, reinforcing the need for robust security protocols within all digital services related to company registrations.

Legal News desk contact: editorial@solicitorsjournal.com

Latest Articles

South West Water faces pollution penalties

South West Water has pleaded guilty to multiple pollution charges, while CEO Susan Davy’s pay rises amid controversy

Government acts to combat waste crime

The government is set to empower environment officers with police-style powers to effectively tackle waste criminals

Simple law change needed for victims

A campaign seeking equal compensation for all asbestos-related lung cancer victims is set for debate

When defence deadlines lose their meaning in clinical negligence claims

Delays in filing defences in clinical negligence claims are becoming routine, with extensions stretching months beyond the timetable set out in the Civil Procedure Rules

STEP unveils report on family wealth

STEP has launched its Barometer report focusing on evolving family wealth issues and advisor roles in light of global changes

TfL paid out millions in claims

Transport for London (TfL) has disclosed that it spent over £3 million on personal injury claims in the last tax year, based on data obtained via a Freedom of Information request from Personal Injury Solicitors London

LXLP v St George's University Hospitals NHS Foundation Trust: causation fails despite admitted negligence in cerebral palsy claim

Cerebral palsy claim dismissed where antibiotic omissions admitted but causal link to PVL unproven.

Epping Forest District Council v Somani Hotels: Court of Appeal refuses permission on all grounds

Planning enforcement action against asylum seeker accommodation fails at every level of appeal.

SGL 1 Ltd v FSV Freeholders Ltd: Court of Appeal overturns Long Acre on the meaning of "building" under the LTA 1987

The Court of Appeal held that separate structures sharing appurtenant premises do not automatically constitute a single "building" for the purposes of Part 1 of the Landlord and Tenant Act 1987.

Omooba v Global Artists: Court of Appeal dismisses bid to reopen religious belief discrimination case

Court of Appeal rules application to reopen failed permission decision does not meet the high threshold under CPR 52.30

River Action UK v Ofwat: high court dismisses storm overflow judicial review

High Court rejects challenge to Ofwat's PR24 expenditure allowances for storm overflow improvements.

Monisha Shah nominated as LSB Chair

Minister Sackman has announced Monisha Shah is the preferred candidate for the Chair of the Legal Services Board, with her appointment subject to a pre-appointment hearing

Three new members appointed to CPRC

The Lord Chancellor has appointed three legally qualified members to the Civil Procedure Rule Committee for three years

Diversity data shows progress in law

The Solicitors Regulation Authority has unveiled a decade's worth of diversity data indicating improvements in the legal profession, yet challenges remain

SJ Interview: Ben Aram

Ben Aram is UK Managing Partner at Kennedys and co-head of its Corporate & Commercial division. A solicitor specialising in international arbitration and commercial litigation, he has led the expansion of the firm’s UK corporate practice and helped launch its global ESG group. In this interview, he reflects on law-firm leadership, scaling practices, partnership governance, and the skills lawyers need in a changing market.

Power Shifts, Responsibility Holds

From AI liability and freezing injunctions to private equity governance and regulatory reform, this issue traces a legal system adapting to new pressures while keeping accountability firmly human.