The Chartered Institute for Securities & Investment, a large 'accredited body' in the UK which has the job of training and accrediting retail investment advisors with statements of professional standing, is coping manfully with the aftermath of a cyber-attack on its website.

The CISI recently became aware that customers were noticing fraudulent activity on their cards after a payment transaction on its website, which is under repairs and ought to be operating normally shortly. It immediately commenced an investigation with help from its insurers and the accountancy firm of KPMG. It is using cyber-security men and digital forensic experts and has suspended all its online transactions. The identities of the attackers are so far unknown.

The investigations began on Thursday. Someone gained access to the CISI website through a "third party application" and inserted malicious code which then captured information from the CISI's customers at the end of its online checkout process. This might have happened in the middle of February.

The trade body told Compliance Matters: "We understand how distressing this news can be, and we apologise profusely to all our customers who are affected. We have now contacted 5,785. No other CISI member data has been compromised."

The CISI expects about 1,000 customers to have suffered in some way. It is asking them to take the following urgent steps.

• Freeze the cards that they used on the site.
• Check statements for those cards for any fraudulent activity.
• Contact their banks/lenders to inform them that their cards may have been compromised.