For the second time in as many months, Lincoln National Life Insurance Company and Lincoln Life & Annuity Company of New York have notified the New Hampshire Attorney General’s Office of a security breach.
By letter dated August 15, the company’s attorneys reported that due to a programming error that existed in the database’s search function since October 2009, the names and Social Security Numbers of current and former retirement plan enrollees were accessible to plan administrators other than their own plan’s administrator.
The company first became aware of the issue on July 18 when a plan administrator notified them. An internal investigation found no indication of abuse of searches and no evidence that any search results had been downloaded, exported or printed (comprehensive logging paid off – Dissent).
On August 17, notification letters and an offer of free credit monitoring services were sent to the 91,763 plan enrollees who would have been potentially affected.
Last month, the company reported an email error that exposed 705 individuals’ names and Social Security Numbers to the wrong payroll vendor.