Jersey’s financial regulator has been hit with a data breach, Financial News can reveal.
A breach at The Jersey Financial Services Commission allowed access to non-public names and addresses, the watchdog confirmed on 7 March.
“On 23 January 2024 a vulnerability was detected in our registry system and we immediately took action to resolve the issue,” a statement reads. “We have conducted an initial forensic review with an independent cyber security partner. This review identified that the vulnerability was due to a misconfiguration in our third party-supplied registry system.”
READ Allen & Overy hit by suspected ransomware attack
Jersey Finance, the promotional body for Jersey’s financial centre, declined to comment.
The Cyber Security Centre for Jersey and Jersey Office of the Information Commissioner were approached for comment.
The JFSC previously warned the jurisdiction’s financial services firms to increase their cyber security checks as malicious incidents spiked in the wake of Russia’s invasion of Ukraine.
The JFSC’s corporate network was not compromised, it said in an update on its website, and the breach did not link any individuals to a specific registered entity or any role held. But 66,806 individuals did have their names and addresses accessed where it was not already public on the register. More than 2,400 have been written to by the regulator.
“We recognise that it is never possible to eliminate all risk. However we also understand that no data compromise is acceptable, and we work hard to ensure controls are in place to protect the information we hold,” the JFSC added.
To contact the author of this story with feedback or news, email Justin Cash