Last mentioned: Mar 14, 2026
Guidance Issued
The registrar advises companies to document filing errors and promises to take the outage into account for deadlines.
Vulnerability Reported
Dan Neidle of Tax Policy Associates alerts Companies House to the 'back key' security flaw.
Service Suspension
Companies House takes the WebFiling service offline on Friday evening to investigate the issue.
Guidance Issued
Official guidance released advising users on how to handle missed filing deadlines due to the outage.
Vulnerability Identified
Dan Neidle of Tax Policy Associates discovers that the 'back' button allows access to other companies' private data.
Agency Alerted
Companies House is formally notified of the security flaw by Tax Policy Associates.
Service Suspension
Companies House takes the WebFiling portal offline on Friday evening to investigate the breach.
The UK’s corporate registrar, Companies House, has taken its WebFiling service offline following the discovery of a critical security flaw that exposed sensitive director data. The vulnerability allowed unauthorized users to view and potentially edit corporate records, raising significant concerns regarding identity theft and corporate fraud.
The UK’s Companies House has taken its WebFiling service offline following the discovery of a critical security flaw that allowed users to view and edit sensitive personal data of company directors. The vulnerability, which could be exploited simply by using a browser's back button, has raised significant concerns regarding corporate identity theft and the integrity of the UK's business register.