Chartered Insurance Institute  

CII sees members' data accessed in cyberattack

CII sees members' data accessed in cyberattack

The Chartered Insurance Institute has suffered a recent IT security incident which led to a data leak for a number of its members.

In an email seen by FTAdviser, the CII said it recently identified that its IT systems had been accessed by an “unauthorised third party”. 

The email, which was signed off by chief executive officer Alan Vallance, told members that “he regrets to say” a limited amount of personal data was accessed. 

Article continues after advert

The CII said it immediately took steps to secure the systems and appointed external IT experts to investigate the incident and identify any impact on members’ and customers’ personal data. 

It was also reported to the Information Commissioner's Office.

Vallance wrote: “Given that this information is already likely to be in the public domain, the advice we have received is that there is very low risk to you. However, we are letting you know in the spirit of openness and transparency.”

The CII urged members to be vigilant, especially if they receive unsolicited phone calls or emails containing links.

“We are sorry that this incident happened,” Vallance wrote. “We have undertaken a detailed review of our security systems and testing protocols and made improvements. 

“I hope that this correspondence gives you confidence in how seriously we take our responsibility to keep your personal data safe.”

The CII told FTAdviser that the investigation concluded around 20 per cent of its customer records’ personal data was accessed.

A spokesperson said: “We are committed to maintaining the security of the data that we hold. 

“As such, we have taken the incident very seriously and acted swiftly in response to it, undertaking a detailed review of our security systems and testing protocols and making improvements.”

Earlier this month, the CII suffered from technical issues after an adviser queried why he could not log into his Continuing Professional Development (CPD) account.

For three days, chartered financial planner Filip Slipaczek told FTAdviser he could not log into his CPD account. 

A spokesperson for the CII said a technical issue did result in "some members" being unable to log in to the CII’s CPD tool on September . 

The CII has suffered a string of technical issues over the past few years, making this the tenth issue FTAdviser has reported on over the past year. 

CII exam troubles

Other issues have centred around the CII’s exam system. In May, Robert Doogan, chartered financial planner at Cullen Wealth, said it had taken him more than three weeks to even attempt to book an exam.

He said the CII’s exam booking service was “extremely poor” and "no longer fit for purpose".

Between January 2021 to March 2022, FTAdviser understands the CII delivered 62,000 examinations and received 1,906 complaints, equating to around 3 per cent of candidates.

But one adviser, who did not wish to be named, highlighted how one complaint can represent the experience of multiple advisers.