A vulnerability in the UK Companies House WebFiling service, likely introduced in an October 2025 update, may have exposed personal data. The flaw could only be exploited by authenticated users with a valid authentication code while logged into the service. The service was taken offline and has since been restored following remediation.
Companies House, the UK’s official company registry, said its WebFiling service is back online after being shut down on Friday to fix a security issue that may have exposed the personal data of millions of firms. An investigation indicates the flaw was likely introduced during an October 2025 update. According to Companies House, only users who were logged in and had a valid authentication code could have exploited the flaw. However, the vulnerability raised concerns … More → The post Millions of UK firms on alert after Companies House data exposure appeared first on Help Net Security .