Companies House closed temporarily after glitch allowed people to edit OTHER firms’ details

Companies House temporarily shut down online filing system after security flaw

A critical flaw left over five million UK companies exposed to data breaches, enabling users to modify the private details of other businesses. The error allowed individuals to alter director information, including home addresses, email accounts, and full birth dates, potentially paving the way for fraudulent activities.

The vulnerability also allowed unauthorized users to delete or replace company records. Major corporations such as BP, Shell, HSBC, Unilever, and Tesco were among those affected, highlighting the severity of the issue.

Users could exploit the flaw by logging into the system and entering another company’s unique identifier. Once accessed, they would see the target firm’s dashboard instead of their own. The access check could be bypassed by pressing the ‘back’ button multiple times, which granted access to sensitive data without proper verification.

Legal consequences of the breach

Under UK law, unauthorized access to confidential data can lead to imprisonment for up to two years, with harsher penalties for those using it to commit fraud. The ease of exploiting this vulnerability raised concerns about its potential impact on corporate security.

“The security and GDPR risks of exposing directors’ personal details across millions of firms are significant,” said Dan Neidle, founder of Tax Policy Associates. “All the more so if nobody knows which companies were impacted by the vulnerability.”

Neidle emphasized the seriousness of the flaw, noting that it could be “very serious” if it remained unpatched for an extended period. He pointed out that the vulnerability required minimal effort to exploit, making it particularly dangerous. “If the issue persisted for extended periods, the vulnerability posed a serious threat, as it required minimal effort to exploit,” he added.

A Companies House spokesperson confirmed the service was suspended to address the problem: “We have suspended WebFiling to investigate the problem, apologizing for any disruption caused to our users.” The statement also provided guidance for affected customers, urging them to submit filings promptly upon service restoration and document any errors encountered.

For those missing filing deadlines due to service unavailability, Companies House recommended submitting documents immediately upon restoration and providing screenshots of error messages with timestamps as evidence. The Daily Mail has contacted Companies House for further comment.