The FMA issued an apology for a privacy breach that meant complaints documents sent to the regulator between 2015 and 2017 were potentially accessible via internet searches.

Six cases were identified where sensitive personal information provided to the regulator may have been accessed.

A preliminary review has identified 27 instances where documents that supported complaints were accessed by internet searches. The documents were inadvertently uploaded to a portal on the FMA website.

Of these, six contained sensitive personal information such as financial information. The remaining documents were either already publicly available or did not include any sensitive personal information.

FMA Chief Executive Rob Everett said the issue was rectified immediately and any information provided to the FMA was now held confidentially.