HARRISBURG - Over 100 members of the $30bn Pennsylvania State Employees' Retirement System (SERS) have had their personal information published on a public web page.
The fund stressed there was "no evidence of actual harm" after a security policy violation led to the publishing of social security numbers, demographic information, and monthly benefit amounts of 125 retired members.
For certain members, the name of the their financial institution was also listed on the site, although individual bank account information was not listed.
The violation involved a computer file containing a sampling of data on members and their accounts, which was being used to test a computer system. In an apparent effort to facilitate the test, the file was placed on a page of an employee’s personal web site, the fund said in a release.
"Once there, it potentially could have been viewed by anyone visiting the site. The data file was removed from the site immediately after it was discovered late last week."
Eric Henry, executive director, said the web posting was a direct violation of both SERS and Commonwealth policies, and added disciplinary action against the employee was being taken.
Thomas Wanich, director of member services, said SERS would provide all affected members with credit monitoring for a year as a precaution, and added: “We do not have any evidence that your information has been misused.”
This week's edition of Professional Pensions is out now.
Ben Gunnee reflects on 2018 and talks about the Fiduciary Management trends to keep an eye on in 2019
Lloyds Banking Group secured 630,000 new pension customers last year, according to its 2018 annual results.
Guy Opperman has rejected calls to speed up changes to auto-enrolment (AE) despite increasing pressure to boost contribution rates and overall savings pots.