Now Pensions suffered a data breach in December after one of its service partners unintentionally posted members’ personal data in a public software forum.
The provider warned affected members that their names, addresses, birth dates, email addresses and National Insurance numbers were posted on the forum.
It noted that the data breach had affected less than 2 per cent of its approximately 1.8 million members.
“Our current understanding is that one of our service partners unintentionally posted some members’ personal data in a public software forum. This happened between Friday 11 and Monday 14 December 2020,” said Now Pensions CEO, Patrick Luthi.
“These actions contravened Now Pensions’ procedures, as specified for all staff and contractors. The data was visible only to users of that forum for a short time and was copied by a small number of unknown parties. We reported this incident to The Pensions Regulator and The Information Commissioner’s Office."
Luthi stated that protecting Now Pensions’ members’ personal data was of “the utmost importance” and the provider was taking the matter “extremely seriously”.
“We acted as soon as we were made aware of the issue,” he continued.
“Relevant members, fewer than 2 per cent of our total membership, who are affected by this incident have been sent communications setting out our current understanding of the situation and the steps we are taking to mitigate any risks to their data.
“We would ask those members to refer to that correspondence. We do not have any evidence that any members’ data is being used by unauthorised third parties.”
Consumer action law firm, Your Lawyers, said affected members could be eligible to claim for compensation
“Similar to the Virgin Media data breach that we are pursuing an action for, the Now Pensions breach could be labelled as a human error incident; something that victims can still claim for,” commented Your Lawyers lawyer and director, Aman Johal.
“Earlier this year, we estimated that the 900,000 Virgin Media victims could claim an estimated £5,000, and this may also be the case for victims of the Now Pensions breach.”
Recent Stories