The Chartered Institute for Securities and Investment has suffered an embarrassing security breach resulting in the leak of private details for all 40,000 members.
The data security breach, which has resulted in the unauthorised release of every member’s name, email address and membership level, was discovered on Friday
In a statement, Simon Culhane, CISI chief executive says:"The CISI is deeply concerned about this breach and has advised all members to treat with extreme caution any email which requests individuals to reveal further personal information, particularly if it is financially related."
Evolved from the London Stock Exchange, the professional body has more than 40,000 members in 110 countries. Member postal addresses, phone numbers, passwords, examinations results and financial details were not exposed in the incident.
Culhane says that that the Institute fell victim to a "devious confidence trick" on an unsuspecting member of the support team.
"We believe this fraud was an isolated incident and I can assure you that we are taking immediate steps to increase our security and prevent such an incident recurring," writes Culhane. "We are also reviewing our training and will be informing the Information Commission of this incident."
The Institute has set up a dedicated e-mail address, firstname.lastname@example.org, and a telephone helpline for concerned members.