Data on State Street Employees, Customers Goes Missing

May 30, 2008 (PLANSPONSOR.com) - State Street has reported that personal data on both its employees and customers has been stolen.

The Boston-based firm has begun sending precautionary notifications to employees and some customers of the former Investors Financial Services Corp. (“IBT”) that computer equipment containing certain personal data was stolen from a vendor’s facility.   According to a  press release , IBT – a firm that State Street acquired in 2007 (see  State Street to Buy Boston Financial Services Provider for $4.5B ) – had engaged the unnamed vendor for legal support services.

The Boston Globe reported that a disk drive containing personal details from details on 5,500 people who worked for Investors Financial at the time – and on 40,000 accounts held by individuals whose pension plans or assets Investors Financial had managed – had been stolen from the vendor’s facilities.

Never miss a story — sign up for PLANSPONSOR newsletters to keep up on the latest retirement plan benefits news.

State Street is offering free credit monitoring services for two years to people whose data were compromised, in line with other banks in similar situations.   The Globe reported that at the time of the transfer, the data was encrypted – but spokeswoman Carolyn Cichon told the Globe that the firm had unencrypted the information for its work and stored it on the hard drive that was then stolen.

Lost Data

Lost details included individuals’ names, addresses, dates of birth, and, in some cases, Social Security numbers. There is no evidence to date to suggest that the data has been misused or that legacy State Street customers or employees are impacted, according to State Street.

The theft was reported to federal authorities, Cichon said, and to local ones the company declined to identify to the Globe. Although the theft occurred in December and was reported to State Street in January, State Street didn’t disclose the breach publicly or to individuals until yesterday because it took months to determine who was affected, according to the Globe.


Information for those potentially impacted by the data theft can find more information at

«