Now Pensions suffers member data breach

Now Pensions suffered a data breach in December after one of its service partners unintentionally posted members’ personal data in a public software forum.

The provider warned affected members that their names, addresses, birth dates, email addresses and National Insurance numbers were posted on the forum.

It noted that the data breach had affected less than 2 per cent of its approximately 1.8 million members.

“Our current understanding is that one of our service partners unintentionally posted some members’ personal data in a public software forum. This happened between Friday 11 and Monday 14 December 2020,” said Now Pensions CEO, Patrick Luthi.

“These actions contravened Now Pensions’ procedures, as specified for all staff and contractors. The data was visible only to users of that forum for a short time and was copied by a small number of unknown parties. We reported this incident to The Pensions Regulator and The Information Commissioner’s Office."
Luthi stated that protecting Now Pensions’ members’ personal data was of “the utmost importance” and the provider was taking the matter “extremely seriously”. 

“We acted as soon as we were made aware of the issue,” he continued.
“Relevant members, fewer than 2 per cent of our total membership, who are affected by this incident have been sent communications setting out our current understanding of the situation and the steps we are taking to mitigate any risks to their data.

“We would ask those members to refer to that correspondence. We do not have any evidence that any members’ data is being used by unauthorised third parties.”

Consumer action law firm, Your Lawyers, said affected members could be eligible to claim for compensation

“Similar to the Virgin Media data breach that we are pursuing an action for, the Now Pensions breach could be labelled as a human error incident; something that victims can still claim for,” commented Your Lawyers lawyer and director, Aman Johal.

“Earlier this year, we estimated that the 900,000 Virgin Media victims could claim an estimated £5,000, and this may also be the case for victims of the Now Pensions breach.”

    Share Story:

Recent Stories

Responsible investing
Laura Blows speaks to Standard Life head of investment solutions, Gareth Trainor, about the latest responsible investment trends and developments for providers, pension schemes and their members

ESG and member engagement
Laura Blows speaks to Legal &General Investment Management head of DC, Emma Douglas, and Nest Insight Director of Research and Innovation, Jo Phillips, about member attitudes towards ESG and how this may impact upon pension fund investments

Sovereign bonds and climate change considerations
In Pensions Age's latest podcast, Laura Blows is joined by Hilary Norris, Product Manager, Sustainable Investment, EMEA, FTSE Russell, to discuss sovereign bonds and climate change considerations

Climate Investing
Laura Blows speaks to Aled Jones, Head of Sustainable Investing for Europe at FTSE Russell, and Adam Matthews, Director of Ethics and Engagement for the Church of England Pensions Board, about the role of climate investing within a pension fund portfolio.

Managing volatility
In the latest Pensions Age podcast, Laura Blows speaks to Cambridge Associates head of European pension practice, Alex Koriath, about the Covid-related market volatility and how pension funds can prepare for the challenges ahead