The FMA today apologised for a privacy breach that meant complaints documents sent to the regulator between 2015 and 2017 were potentially accessible via internet searches.
FMA Chief Executive Rob Everett said the issue was rectified immediately when the regulator became aware of it, and reassured the public that any information provided to the FMA was now held confidentially.
The FMA has identified six cases where sensitive personal information provided to the regulator may have been accessed.
The FMA has contacted the people involved to advise them of the issue and any further steps they should take to protect their information.
A preliminary review has identified 27 instances where documents that supported complaints were accessed by internet searches. The documents were inadvertently uploaded to a portal on the FMA website. Of these, six contained sensitive personal information such as financial information. The remaining documents were either already publicly available or did not include any sensitive personal information.
“We apologise to those people who supplied us with information and also to the wider public for this error. Their trust and confidence is critical to us,” said Mr Everett.