The Jersey Financial Services Commission says a vulnerability in its Registry system allowed access to non-public names and addresses.
No individuals were linked to registered entities or roles held.
It has written to those affected and says it took immediate action.
The JFSC has conducted an initial forensic review with an independent cyber security partner, identifying that the vulnerability was due to a misconfiguration in its third party-supplied Registry system.
Further investigation to determine how this happened is ongoing.
The Minister with responsibility for Financial Services Deputy Ian Gorst has apologised for the security breach.
“I am assured by the JFSC that they have resolved a vulnerability that has affected a limited number of entries in their online Registry system.
I am sorry that that this fault occurred, and I understand that the JFSC are conducting the most thorough of investigations to make sure lessons are learned and the design of the Register is improved and strengthened.
Further to this, I have commissioned an independent investigation to determine that the actions taken to date have been appropriate. I will not be making any further comment until this inquiry has been completed.”