Only one company listed in FTSE 100 admitted to recently auditing cookies on their websites in past month, despite stringent EU regulation.
The result came out after UK based audit and assessment technology company Cookie Reports audited every FTSE 100 company websites.
The new European Union regulation is going to come into force, which proposes to impose fines of up to 2% of global revenue for breaching the rules.
According to Cookie Reports, the practise of not auditing cookies can expose sensitive information about site visitors to third parties, and can pose risk to the companies.
According to the EU, cookies can contain personally identifiable data and expose visitor data to the outside world.
Cookies are usually placed by website owners and third parties running advertising networks to track user behaviour.
The audit also revealed that insurance, hospitality, pharmaceutical and retail sectors were the worst performing sectors when it came to tracking cookies.
Previously, the European Union conducted an initial cookie sweep of 478 sites in eight EU countries, which highlighted that 70% of the 16,555 cookies identified were placed by third parties.
Cookie Reports CEO Stephen Hickey said: "From a privacy perspective, this is particularly concerning as organisations may be unwittingly sharing their consumer’s data with unknown third parties.
"It would appear that companies are unaware of what data is being exposed and how long for."