Now Pensions suffers member data breach

Now Pensions suffered a data breach in December after one of its service partners unintentionally posted members’ personal data in a public software forum.

The provider warned affected members that their names, addresses, birth dates, email addresses and National Insurance numbers were posted on the forum.

It noted that the data breach had affected less than 2 per cent of its approximately 1.8 million members.

“Our current understanding is that one of our service partners unintentionally posted some members’ personal data in a public software forum. This happened between Friday 11 and Monday 14 December 2020,” said Now Pensions CEO, Patrick Luthi.

“These actions contravened Now Pensions’ procedures, as specified for all staff and contractors. The data was visible only to users of that forum for a short time and was copied by a small number of unknown parties. We reported this incident to The Pensions Regulator and The Information Commissioner’s Office."
 
Luthi stated that protecting Now Pensions’ members’ personal data was of “the utmost importance” and the provider was taking the matter “extremely seriously”. 

“We acted as soon as we were made aware of the issue,” he continued.
 
“Relevant members, fewer than 2 per cent of our total membership, who are affected by this incident have been sent communications setting out our current understanding of the situation and the steps we are taking to mitigate any risks to their data.

“We would ask those members to refer to that correspondence. We do not have any evidence that any members’ data is being used by unauthorised third parties.”

Consumer action law firm, Your Lawyers, said affected members could be eligible to claim for compensation

“Similar to the Virgin Media data breach that we are pursuing an action for, the Now Pensions breach could be labelled as a human error incident; something that victims can still claim for,” commented Your Lawyers lawyer and director, Aman Johal.

“Earlier this year, we estimated that the 900,000 Virgin Media victims could claim an estimated £5,000, and this may also be the case for victims of the Now Pensions breach.”

    Share Story:

Recent Stories


A time for fixed income
Francesca Fabrizi discusses fixed income trends and opportunities with Goldman Sachs Asset Management Head of UK Pensions Solutions, Fixed Income Portfolio Management, Henry Hughes, in our Pensions Age video interview

Purposeful run-on
Laura Blows discusses purposeful run-on for DB schemes with Isio director, actuarial and consulting, Matt Brown, in Pensions Age’s latest video interview
Find out more about Purposeful Run On

Keeping on track
In the latest Pensions Age podcast, Sophie Smith talks to Pensions Dashboards Programme (PDP) principal, Chris Curry, about the latest pensions dashboards developments, and the work still needed to stay on track
Building investments in a DC world
In the latest Pensions Age podcast, Sophie Smith talks to USS Investment Management’s head of investment product management, Naomi Clark, about the USS’ DC investments and its journey into private markets

Advertisement