Late last month Schwab Retirement Plan Services (Schwab) sent an accidental email to a participant in another retirement plan, also serviced by Schwab, with a spreadsheet attached containing personal information of approximately 9,400 plan participants. The spreadsheet included information such as names, addresses, dates of birth, Social Security numbers, employment statuses, marital statuses, and account balances belonging to participants in a company-sponsored retirement plan. Soon after receiving it, the recipient of the spreadsheet informed their plan sponsor, who then contacted Schwab. The good news is, Schwab does not believe anyone’s personal information was compromised. In a letter to plan participants, Schwab indicated that though participants’ personal information was exposed, Schwab has confirmed that the email and attachment have been deleted from the company’s email and server, and that the email was not forwarded. Schwab has, nonetheless, recommended that each participant monitor recent and future account statements carefully, check their credit reports regularly, and it has offered a free one-year credit monitoring subscription to assist participants in protecting their information. Schwab also confirmed that it is taking steps to prevent similar incidents in the future.
For more information on protecting your customers’ personal information, please contact the author, a member of the Privacy and Data Security practice, or your Polsinelli attorney.