CII issues apology after data breach
The Chartered Insurance Institute has apologised after it identified an unauthorised third party had accessed its IT systems.
On 27 October the CII acknowledged it had suffered a cyberattack and hackers were able to access members’ personal data.
In a statement to Insurance Age, the CII confirmed the data accessed was members’ names and firms, addresses, email addresses, telephone numbers, and dates of birth. However, no financial information was accessed the CII stated.
According to the institute, a limited amount of personal data relating to around 20% of its customer records was accessed.
An email was sent by the CII to members informing them of the incident, which was seen and first reported by Citywire New Model Advisor.
The institute has reported the breach to the Information Commissioner’s Office.
The statement added: “We are sorry that this incident happened. We are committed to maintaining the security of the data that we hold. As such, we have taken the incident very seriously and acted swiftly in response to it, undertaking a detailed review of our security systems and testing protocols and making improvements.”
Investigation
The CII explained that when it identified that its IT systems had been accessed by an unauthorised third party it “immediately took steps to secure our systems and appointed external IT experts to investigate the incident and identify any impact on our members’ and customers’ personal data”.
In the statement the CII noted: “Given that this information was already likely to be in the public domain, the advice we have received is that there is very low risk. However, we have already informed all those impacted in the spirit of openness and transparency.”
The data breach follows the institute spending £8m on updating its IT systems in recent years, as confirmed by former CII CEO Sian Fisher to Insurance Age earlier this year.
PFS
A separate statement from the Personal Finance Society detailed: “We of course take any incident of this nature very seriously and are engaged with the CII on how they are strengthening their cyber defences as an urgent priority.
“Although we are advised that only a limited amount of personal data was accessed, we would always advise PFS members to be especially vigilant when it comes to their cyber security.
“The PFS leadership advises all members to continue to be cautious in responding to unsolicited emails and closely monitor for any suspicious or unusual activity.”
An ICO spokesperson said: “Chartered Insurance Institute have made us aware of an incident and we will be making enquiries.”
For all the latest industry news direct to your inbox, sign up for our daily newsletter.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@insuranceage.co.uk.
You are currently unable to print this content. Please contact info@insuranceage.co.uk to find out more.
You are currently unable to copy this content. Please contact info@insuranceage.co.uk to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@insuranceage.co.uk
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@insuranceage.co.uk
More on Technology
ERS and Acturis team up on full-cycle API car product for brokers
Acturis and specialist motor insurer ERS have launched an API based car insurance product for brokers on the software provider’s platform which replaces legacy EDI messaging.
Verisk targets brokers and MGAs with Morning Data buy
Global data analytics and technology provider Verisk has bought Morning Data, a supplier of software to brokers and managing general agents in London and across the world.
Howden taps into Ingenie for UK telematics roll out
International broker Howden has announced the UK launch of Howden Drive, its telematics app and data beacon, which aims to help reduce premiums for policyholders, optimise loss ratios for brokers and insurers, and improve road safety.
Applied approaching 100 Epic milestone
Applied Systems has 72 brokers live on Epic in the UK and is onboarding another 30 customers that have already been won, which will take the total to more than 100 by the end of the year, Europe CEO Tom Needs confirmed to Insurance Age.
Insly launches no code sales software for brokers
Software provider Insly has rolled out BrokerFlow, designed to enable brokers to digitise their sales workflow including application forms, risk surveys, and customer proposals.
UK Broker Awards open for entries – get yours in now
The 2023 UK Broker Awards returns this year at a new venue during a new month.
Policy Expert focuses on customer retention as top priority
Policy Expert’s COO Adam Powell has stressed that customer retention is its top priority in 2023, as it continues to focus on its organic growth.
Ex-Applied Systems leader Joe Sultana joins digital schemes firm IS2
Joe Sultana, former chief operating officer at Applied Systems Europe, has joined digital trading and distribution platform for the schemes market IS2 as commercial director.