The American Bankers Association, the lobby group that has taken a leading role in lambasting retailers over lax data security, has admitted that email addresses and passwords used to make purchases or register for events through its online shopping cart have been compromised.
The ABA has warned users that the detail of up to 6,400 members have been posted online by unidentified hackers.
The breach is a huge embarrassment for the pressure group, which has been a leading advocate for the imposition of tighter security controls at retailer groups.
News of the break-in emerged as the Association was trumpeting its participation in October's National Cybersecurity Awareness Month campaign organised by the US Department of Homeleand Security and the National Cyber Security Alliance.
"Throughout October, ABA will release resources to help consumers prevent, identify, and report instances of cybercrime," says the lobby group in a press release. "Such as ways to protect your mobile device, your identity, your small business account and yourself online."
The campaign has gotten off to the worst possible start, with Experian, FXCM and Trump hotels all admitting to being hacked as the day progressed.
In a statement on its own victimisation at the hands of cyber criminals, the ABA says: "Like the banks we serve, ABA takes data security very seriously. We also recognise that despite significant security measures, breaches can and do occur."
As a security precaution, the ABA has reset all user passwords on the site and asked members to login to establish a new one and to create new passwords at other sites that they use frequently.
"We have seen no evidence that the hacker has also accessed credit card or other personal financial information but will advise you immediately if we learn otherwise," states the ABA. "If you use the same password to access other ABA systems we strongly recommend you change those passwords as well."