Right Click Accounting Logo
Contact
Right Click Accounting Logo

Companies House Security Issue: Do You Need to Take Action?

In this blog post, we cover;

First Things First…Don’t Panic!
What Actually Happened
What Information Could Have Been At Risk
What This Means For Your Business
Three Checks Worth Carrying Out
Frequently Asked Questions

In this blog post, we cover;

First Things First...Don't Panic!

You may have seen something about a Companies House security issue recently and wondered whether it affects your business. The honest answer is…probably not significantly, but it is worth a quick check.

Here’s a clear breakdown of what happened and exactly what to do next to protect your business and put your mind at ease.

Work With Your Accountant

What Actually Happened?

In March 2026, Companies House discovered a security flaw in its WebFiling service. The platform most companies use to file accounts, update director details and manage their registered information.
 
The vulnerability meant that a logged-in WebFiling user could potentially have viewed or changed certain details belonging to another company without their knowledge or consent. Importantly, this wasn’t something the general public could exploit, only users already logged in with an authorised code could have done this.
 
Companies House took WebFiling offline swiftly, investigated the issue, had the service independently tested, and brought it back online within a matter of days. However, the flaw is believed to have been introduced in October 2025 when their systems were updated.

What Information Could Have Been at Risk?

Before jumping to conclusions and getting caught up in the headlines, it’s worth looking at what information was actually involved during this incident.

Data that may have been visible to other logged-in users includes dates of birth, residential addresses and company email addresses. There was also a possibility that unauthorised filings (such as accounts or changes of director) could have been made on another company’s record.
 
What was not affected is equally important to know:
  • Passwords were not compromised.
  • No identity verification data, such as passport information, were accessed.
  • Existing filed documents could not have been altered.
 
Companies House have also confirmed that the issue could not have been used to extract data in bulk or access records systematically. Any exposure would have been limited to individual company records, viewed one at a time by a registered user.

What Does This Mean For Your Business?

For the vast majority of businesses, the practical impact is likely to be minimal. But that doesn’t mean it’s worth ignoring.
 
Growing businesses in particular tend to have more moving parts like multiple directors, changing registered addresses, and evolving filing histories. That makes it all the more worthwhile to take a few minutes and confirm everything is exactly as it should be.
 
Think of it less as a crisis response and more as a sensible sense-check. One that happens to be timely.

Companies House Security Issue - Impact On Business

Three Checks Worth Carrying Out Now

The good news is you don’t need to be particularly technical to do this. It’s a simple sense-check any business owner can carry out in a few minutes for complete peace of mind. Here’s what we recommend to check;

Your registered company details; address, director names, contact email.

Your filing history; look for anything you don’t recognise or didn’t authorise.

Any recent changes; particularly around director appointments or resignations.

If everything looks correct, you’re done. If anything looks unfamiliar or out of place, raise it with Companies House directly through their complaints process, including as much detail as you can about what you’ve found.
 
You can read the full update from Companies House here.

Companies House Security Issue - FAQ's

Frequently Asked Questions

The vulnerability was specific to the WebFiling service, so it’s most relevant to businesses that actively use that platform. That said, a quick check is worthwhile for any registered company, it takes minutes and gives you certainty either way.

In theory, yes…that was one of the risks the investigation identified. This is exactly why checking your filing history is the most important step. If you spot anything unexpected, flag it to Companies House straight away.

It’s possible that certain details such as dates of birth, residential addresses or company email addresses were visible to another logged-in user. But Companies House have confirmed there are no reports of data being accessed or misused at this stage. Passwords and identity verification documents were not affected.

Passwords weren’t confirmed as compromised, but updating yours is a sensible habit at any time, and this feels like a reasonable prompt to do so. It takes two minutes and costs nothing.

Final Thoughts

Security incidents sometimes sound more alarming than they often turn out to be, and this one is no different.
 
Companies House responded quickly, the service has been independently tested and restored, and there are no confirmed cases of data being misused. (Which I’m sure you’ll agree, is genuinely reassuring.) But the best thing you can do is take five minutes, log in, and check your details. Not because something has definitely gone wrong, but because knowing everything is in order is always worth the effort.
 
If you have any concerns about your company’s registered information, or anything else affecting your business, we’re always happy to talk it through. We’re not just here to support at year-end or when something goes wrong, but through every decision, challenge and milestone along the way.
 
Simply get in touch with our team today.

© Right Click Accounting Ltd 2026 | Company Number: 12060962
Right Click Bookkeeping and Being a Business Owner are trading names of Right Click Accounting Ltd