Now Pensions suffers member data breach

Now Pensions suffered a data breach in December after one of its service partners unintentionally posted members’ personal data in a public software forum.

The provider warned affected members that their names, addresses, birth dates, email addresses and National Insurance numbers were posted on the forum.

It noted that the data breach had affected less than 2 per cent of its approximately 1.8 million members.

“Our current understanding is that one of our service partners unintentionally posted some members’ personal data in a public software forum. This happened between Friday 11 and Monday 14 December 2020,” said Now Pensions CEO, Patrick Luthi.

“These actions contravened Now Pensions’ procedures, as specified for all staff and contractors. The data was visible only to users of that forum for a short time and was copied by a small number of unknown parties. We reported this incident to The Pensions Regulator and The Information Commissioner’s Office."
 
Luthi stated that protecting Now Pensions’ members’ personal data was of “the utmost importance” and the provider was taking the matter “extremely seriously”. 

“We acted as soon as we were made aware of the issue,” he continued.
 
“Relevant members, fewer than 2 per cent of our total membership, who are affected by this incident have been sent communications setting out our current understanding of the situation and the steps we are taking to mitigate any risks to their data.

“We would ask those members to refer to that correspondence. We do not have any evidence that any members’ data is being used by unauthorised third parties.”

Consumer action law firm, Your Lawyers, said affected members could be eligible to claim for compensation

“Similar to the Virgin Media data breach that we are pursuing an action for, the Now Pensions breach could be labelled as a human error incident; something that victims can still claim for,” commented Your Lawyers lawyer and director, Aman Johal.

“Earlier this year, we estimated that the 900,000 Virgin Media victims could claim an estimated £5,000, and this may also be the case for victims of the Now Pensions breach.”

    Share Story:

Recent Stories



Investing in Asia
Pensions Age editor, Laura Blows, discusses with CRUX Asset Management fund manager, Ewan Markson-Brown, the opportunities for investing in Asia and CRUX Asset Management's fund launch to help with this
Improving communication flows
Pensions Age editor, Laura Blows, discusses improving the communication flows between pension scheme trustees and the sponsoring employer with Baker McKenzie pension partners, Jeanette Holland and Chantal Thompson

Advertisement Advertisement