Original URL: https://www.theregister.com/2009/05/28/pension_data_breach_alert/

Lost laptop exposes thousands of pension records

Quest to free all world's imprisoned data continues

By John Leyden

Posted in Security, 28th May 2009 13:45 GMT

Exclusive A lost laptop containing the personal data of 109,000 Pensions Trust members has sparked the latest in a growing list of information security breach alerts.

The missing machine was stolen from the offices of NorthgateArinso, suppliers of the Pensions Trust's computerised pensions administration system, where it was being used "as a database for development, training and performance testing".

Data on the drive was not encrypted but it was password protected - as if that provides much in the way of reassurance. Data held on the laptop included name, address, date of birth, NI number, name of employer, salary details, name of and relationship to nominees and, for those drawing a pension, bank account details.

Members of six of the Pension Trust's 39 schemes were affected by the breach. The records potentially exposed data from May 2007.

The Pensions Trust sent out letters this week informing affected members that their personal details have potentially been exposed as a result of the breach.

Scans of the letter and factsheets on the breach can be found here. ®