Feeds

back to article Companies House website security 'a bit of a mess'

Serious security holes in the website of Companies House - the UK database of corporate information - have exposed sensitive data and create the risk of corporate identity theft, security consultants warn. The UK government agency maintains that alleged security flaws identified by researcher Paul Moore are either in the process …

COMMENTS

This topic is closed for new posts.
Silver badge

"Nerve centre of British business open to scams"

How very appropriate.

0
1
Anonymous Coward

False assumptions?

You're assuming that Companies House sees the protection of record validity as one of their tasks. Well, I have a surprise for you there - when I was dealing with a case of someone maliciously (unauthorised) changing corporate details so his mate at the bank could hand over funds by closing the company account and making out a cheque to the "owner", Companies House told me that it wasn't their job to ensure accuracy or even test validity of an entry - they merely keep the records (and thus allowed that change, and thus enabled the bank employee to hand over company funds to someone who wasn't even on the account mandate).

You see, the trick here is that although illegal changes to company records is a criminal offence, Companies House will not lift a finger - it is your job to convince the police to take action. As the police is not interested unless it's about serious money, you are then left with civil procedures but that needs the money your bank has just handed off..

(rest of story omitted, I think I'll turn that into a book)..

1
0
Facepalm

Re: False assumptions?

I look forward to the book ;)

It's a good point though; which makes it all-the-more important to ensure that nobody can change details without authorisation.

Thank you John for publishing this story.

Paul.

0
0

This post has been deleted by its author

Holmes

Re: False assumptions?

In my experience, (just a paperback really), the important thing to consider that will stifle your expectations, is that Companies House's get-out clause is that they are merely record keepers. Therefore, it's up to you to pursue anything that seems untoward.

Yes, it is true that they can 'fine' companies for late annual returns and eventually dissolve them, but don't expect anything else. For instance, they will not protect you from someone registering a company name that infringes a trade mark – that's not what they do. You're very much on your own. Do your own detective work, hence the icon.

0
0
Bronze badge
Mushroom

Be careful what you wish for!

Next thing you know, the Companies House online service gets migrated into the Government Gateway...

0
0
Unhappy

Sounds like its a lot easier to hack that it is to use.

0
0
This topic is closed for new posts.