Morgan Stanley has become the latest financial services company to fall victim to poor security on its website.
The merchant bank had to carry out remedial work after it emerged that a password-recording feature in Windows could leave customers' credit card details vulnerable.
The feature, which is disabled by most internet banks, meant that Morgan Stanley customers using a shared PC were at risk of other users accessing their credit card accounts.
Morgan Stanley fixed the problem after being alerted by staff at the BBC, which reported it after being approached by a viewer.
Online bank Cahoot suffered a similar security breach last week when users discovered they could view other people’s accounts after a software upgrade.