The Chartered Insurance Institute has suffered a recent IT security incident which led to a data leak for a number of its members.
In an email seen by FTAdviser, the CII said it recently identified that its IT systems had been accessed by an “unauthorised third party”.
The email, which was signed off by chief executive officer Alan Vallance, told members that “he regrets to say” a limited amount of personal data was accessed.
The CII said it immediately took steps to secure the systems and appointed external IT experts to investigate the incident and identify any impact on members’ and customers’ personal data.
It was also reported to the Information Commissioner's Office.
Vallance wrote: “Given that this information is already likely to be in the public domain, the advice we have received is that there is very low risk to you. However, we are letting you know in the spirit of openness and transparency.”
The CII urged members to be vigilant, especially if they receive unsolicited phone calls or emails containing links.
“We are sorry that this incident happened,” Vallance wrote. “We have undertaken a detailed review of our security systems and testing protocols and made improvements.
“I hope that this correspondence gives you confidence in how seriously we take our responsibility to keep your personal data safe.”
The CII told FTAdviser that the investigation concluded around 20 per cent of its customer records’ personal data was accessed.
A spokesperson said: “We are committed to maintaining the security of the data that we hold.
“As such, we have taken the incident very seriously and acted swiftly in response to it, undertaking a detailed review of our security systems and testing protocols and making improvements.”
Earlier this month, the CII suffered from technical issues after an adviser queried why he could not log into his Continuing Professional Development (CPD) account.
For three days, chartered financial planner Filip Slipaczek told FTAdviser he could not log into his CPD account.
A spokesperson for the CII said a technical issue did result in "some members" being unable to log in to the CII’s CPD tool on September .
The CII has suffered a string of technical issues over the past few years, making this the tenth issue FTAdviser has reported on over the past year.
CII exam troubles
Other issues have centred around the CII’s exam system. In May, Robert Doogan, chartered financial planner at Cullen Wealth, said it had taken him more than three weeks to even attempt to book an exam.
He said the CII’s exam booking service was “extremely poor” and "no longer fit for purpose".
Between January 2021 to March 2022, FTAdviser understands the CII delivered 62,000 examinations and received 1,906 complaints, equating to around 3 per cent of candidates.
But one adviser, who did not wish to be named, highlighted how one complaint can represent the experience of multiple advisers.
“I made a single complaint to CII six months ago. That was recorded as one complaint, but it was sent on behalf of around 35 students who had experienced issues,” they said.
This came after last year, the CII faced exam glitches as candidates having taken exams in the past 48 hours were unable to view their results and certificates online.
During the pandemic, the CII also apologised to candidates for “unacceptable instances” including problems with accessing remote invigilation sessions and technical issues during sittings.
Candidates had experienced a delayed start to a remote invigilated exam in July 2020, followed by some candidates experiencing technical issues with a remote multiple choice exam in August.
Technical issues continued in test centres in October 2020, with candidates claiming their computer system froze or shut down hours into the exam.
These issues continued into 2021. In March, the CII was forced to issue its exam results a day early after it suffered a technical issue, causing confusion among candidates.
Two years or so after remote exams were put in place for advisers and planners, problems with logging on and taking exams still exist.
As recently as last month, advisers cited instances of having issues with accessing their exam remotely and others stated they were unable to book their R06 examination with the Chartered Insurance Institute.
sonia.rach@ft.com
What do you think about the issues raised by this story? Email us on FTAletters@ft.com to let us know
