A recent system flaw at Companies House has raised fresh concerns around data security and the integrity of the UK’s corporate register, after a vulnerability in its online filing service allowed users to access information linked to other companies.
The issue, which stemmed from a software update introduced in late 2025, meant that logged-in users could potentially view sensitive company data and, in some cases, make unauthorised changes to filings.
While Companies House has confirmed that passwords and identity documents were not compromised, the incident has sparked concern among business owners about the risk of fraudulent filings and unauthorised amendments to company records.
The WebFiling service was temporarily taken offline while the issue was resolved, with the organisation working alongside the Information Commissioner’s Office (ICO) and the National Cyber Security Centre (NCSC) to investigate.
Businesses have been advised to review their company records and report any suspicious activity.
The incident highlights ongoing challenges around safeguarding digital infrastructure, particularly as Companies House undergoes significant reform under the Economic Crime and Corporate Transparency Act, aimed at improving the accuracy and reliability of company data.
For SMEs, the episode serves as a reminder of the importance of regularly monitoring filings, maintaining strong internal controls, and acting quickly if discrepancies arise.