USS hack response panned as members report suspicious activity

Lawyers consider bringing joint claim over breach, but pension fund says no evidence personal information stolen during Capita attack is circulating widely

Published on June 13, 2023
Last updated June 13, 2023

Members of the UK’s largest higher education pensions scheme say the response to their data being hacked has been “wholly inadequate”, as lawyers consider bringing a group case on behalf of those affected.

Anyone who was a member of the Universities Superannuation Scheme (USS) in 2021 was warned last month that files containing their personal details had been accessed by hackers when they targeted the firm Capita, a technology supplier used by the pensions fund.

Names, dates of birth, National Insurance numbers, USS member numbers and retirement dates were all included in the stolen data, potentially affecting 470,000 people. Black Basta, a Russian ransomware gang, claimed responsibility for the attack.

USS has stressed that members’ pensions are secure and Capita has, to date, found no evidence the data stolen was circulating widely.

But several academics who have their pensions with the fund have complained of noticing suspicious activity in the aftermath of the breach. One said there had been multiple unsolicited credit checks on their bank account, while others said they had experienced an influx of spam emails and calls.

Denis Nicole, a reader in electronics and computer science at the University of Southampton and an expert in cybersecurity, said the data that had been compromised “can be used to impersonate someone, with a bit of difficulty”.

But he said the real “danger” was it being used “to give credibility to an incoming phishing email or phone call”.

“The most likely way it can be abused is that you could get a phone call from someone claiming to be USS or the pensions department, using this data as evidence they are genuine, then asking you to do something rash like move money to a different bank account,” he explained.

USS has offered all members a free year-long subscription to Experian’s identity-monitoring service, which Dr Nicole said was “about as basic a level of support as you should get in case of a data breach”.

Tanja Bueltmann, professor of migration and diaspora history at the University of Strathclyde and a USS member, said that far from being proactive support as claimed by USS, the Experian offer “places the onus on members” to monitor for suspicious activity and “any issues that do arise will still have to be dealt with by the member directly”.

She said her major concern was for members’ data in the long term, given that it could be exploited for many years. “What happens when the data of a member is used for fraudulent activity in more than a year’s time? Who is helping the member then and who is liable if something goes really wrong?” she asked.

“With that in mind, my view remains that the USS response so far has been wholly inadequate.”

She said she recognised that many issues were out of USS’ control but its communication had been “basically a masterclass in how not to manage an incident as serious as this”, adding that she and others had not received responses to concerns raised.

Sean Hunter, a partner at the legal firm Leigh Day, confirmed to Times Higher Education that it was in the early stages of bringing a group claim on behalf of USS members against Capita for any financial losses suffered and distress caused.

“It appears to be a serious data breach,” he continued. “This is clearly not trivial information that has been stolen. We’re looking at the merits of any claim, concentrated on Capita. But at the moment we are still trying to establish exactly what has happened.”

A spokesman for USS said it was reviewing the data it had received from Capita but the extent of the breach was in line with what had previously been communicated to members, with “no additional personal data concerned”.

Asked if it would continue to work with Capita, he said USS’ focus was on “supporting its members” but the whole issue was “being kept under regular review”.

On whether members would get compensation, the spokesman said: “When we have greater clarity on these issues, we will pursue whatever avenues might be available in the best interests of all our members.”

And responding to concerns about the response of USS and Capita, he added: “We very much regret that this incident happened and are committed to supporting members through this very unfortunate situation. We are treating complaints we receive from members with the utmost seriousness, and we understand the concern they are experiencing.”

tom.williams@timeshighereducation.com

Reader's comments (2)

I am affected by this and as it happens, my husband's pension from a commercial job was affected in the same attack - the breach was actually suffered by a third party who processes data for several major pension providers. My husband's pension company was equally mediocre in their response (although their letter arrived several days before the email from USS) and they were also unhelpful when he called them up. Neither of us have noticed an uptick in suspicious behaviour or phishing attacks, but both being computer scientists we keep a firm eye on such things as a matter of course.
Experian has a complex process of getting the support.
