A major data security breach at the Chartered Institute for Securities and Investment has caused the release of 40,000 members' details to a fraudster.
On Friday (May 29) the professional body for finance and investment folk held an emergency meeting concerning the release of every member's name, email address and membership level.
The institute wrote to its members to say its was "deeply concerned" about the breach.
Chief executive Simon Culhane wrote: "I would like to reassure you that this is not a breach of our IT system, but we fell victim to a devious confidence trick on an unsuspecting member of the support team."
He said: "The Institute will be carrying out a full investigation and advising the relevant authorities including the Information Commission. I am very sorry if you are one of the members affected."
A full report will be made to the Information Commissioner, the Financial Conduct Authority, and the police.
"I am very sorry for any alarm or inconvenience this has caused and would like to assure you that we are taking this breach extremely seriously," he said.
CISI is warning members against divulging any further personal details via soliciting emails. The body is advising members to get in touch if they receive anything suspicious and has set up a dedicated email address: firstname.lastname@example.org. ®