M&S Pension Scheme trustee writes to affected members following cyber breach

The M&S Pension Scheme trustee has confirmed that it was one of “many Capita clients” impacted by a cyber incident that took place in March, revealing that the security of personal data for a large proportion of its scheme members may have been affected.

The update was shared following a detailed investigation by Capita, which revealed that the incident may have affected the security of personal data for majority of the scheme’s pensioner members and a very small group of deferred members.

The trustee emphasised that Capita has taken immediate steps to secure its systems and prevent any further unauthorised access to personal data, confirming that the scheme ahs been working very closely with Capita and is doing everything it can to minimise any current or future risk to members.

The statement also clarified that while Capita cannot be certain that this data has been accessed, the M&S Pension Scheme trustee believes it is appropriate to act as if this is the case and warn affected members about the potential risks, warning that there is the possibility that if personal data is accessed it could be used for fraud, identity theft.

Given this, the scheme has issued a letter to all members who are affected providing further information and support.

A statement from the M&S Pension Scheme read: “We would like to say how sorry we are that this has happened.

"We take the responsibility of protecting members’ personal data very seriously and we have sought information about what Capita has done to improve the security of personal data and avoid a future incident. We want to reassure you that your pension remains secure.”

Commenting on the update, a Capita spokesperson added: "Capita continues to work closely with specialist advisers and forensic experts to investigate the incident and we have taken extensive steps to recover and secure the data.

“In line with our previous announcement, we are now informing those we have identified to be affected.

"We have worked quickly to provide our clients with information, reassurance and support, while delivering for them as a business. In instances where we need to provide further support to those affected, we will do so.”

The Universities Superannuation Scheme (USS) also recently confirmed that it had written to members, after revealing that the personal details of around 470,000 active, deferred and retired members may have been accessed during the recent Capita cyber incident.

TPR also encouraged pension scheme trustees who may have been impacted by the recent Capita cyber incident to contact members proactively to warn them about the potential pension scams.

Capita previously confirmed that it is working "closely and at speed" with advisers and forensic experts to investigate and resolve the issue, with the incident expected to cost the provider up to £20m.

    Share Story:

Recent Stories


A time for fixed income
Francesca Fabrizi discusses fixed income trends and opportunities with Goldman Sachs Asset Management Head of UK Pensions Solutions, Fixed Income Portfolio Management, Henry Hughes, in our Pensions Age video interview

Purposeful run-on
Laura Blows discusses purposeful run-on for DB schemes with Isio director, actuarial and consulting, Matt Brown, in Pensions Age’s latest video interview
Find out more about Purposeful Run On

Keeping on track
In the latest Pensions Age podcast, Sophie Smith talks to Pensions Dashboards Programme (PDP) principal, Chris Curry, about the latest pensions dashboards developments, and the work still needed to stay on track
Building investments in a DC world
In the latest Pensions Age podcast, Sophie Smith talks to USS Investment Management’s head of investment product management, Naomi Clark, about the USS’ DC investments and its journey into private markets

Advertisement