The breach is embarrassing for IEEE as it's a mistake -- storing login credentials in plain text -- that novice security professionals should know to avoid.
In a statement, an IEEE spokeswoman today said the organization is aware of an incident regarding "inadvertent access to unencrypted log files containing user IDs and passwords."
"We have conducted a thorough investigation and the issue has been addressed and resolved. We are in the process of notifying those who may have been affected," the statement said.
The spokeswoman did not say how the data could be available on a public FTP server, or why it was stored in unencrypted fashion.
An IEEE alert to members ( available here) said that no financial information was exposed as a result of the error.
"However, it was theoretically possible for an unauthorized third party, using your ID and your password, to have accessed your IEEE account," the alert cautioned.
As a precautionary measure, IEEE has terminated access to accounts with current passwords and users will be required to create a new one next time they attempt to log into their accounts, the statement said.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is email@example.com.
Read more about security in Computerworld's Security Topic Center.