Merrill employee exposes Walmart pension plan members


An employee of Merrill, a division of Bank of America, made an email error that exposed nearly two thousand Walmart 401(k) Plan participants, revealing their personal data.

Sharing data via email can turn sour, as Merrill‘s recent data breach notification shows. Merrill, which functions as Bank of America‘s investment and wealth management division, exposed 1,883 individuals, likely employees of Walmart.

According to the breach notification letter that the bank submitted to the Maine Attorney General’s office, Merrill serves as a recordkeeper for Walmart 401(k) Retirement Plan. In the US, 401(k) serves as an employer sponsored personal pension savings account.

“On April 16th, 2024, a Merrill employee inadvertently disclosed personal information to an unauthorized recipient via an isolated email error. We became aware of this event on April 22nd, 2024,” Merrill said.

The exposed data included pension plan members’ names, surnames, and Social Security numbers. The misplaced email has since been deleted, the company said, adding that it is not aware of any misuse of the disclosed personal details.

However, Merrill said it will provide impacted individuals with two years of complimentary identity theft protection services. The company also advised those affected to review their credit reports and account statements, checking for any unauthorized transactions.

It’s not the first time that Walmart employees have their data revealed. Earlier this year, one of the retail behemoths’ employees accessed colleagues’ employment management accounts from September 2023 until March 2024.

Merrill, branded as Merrill Lynch until 2019, employs nearly 15,000 staff, and manages nearly $3 trillion in client assets.


More from Cybernews:

Online video downloader exposes user data, including explicit content

Political advisor, telecom, fined $8M for Biden deepfake robocalls

Tomb Raider games CEO: humans still key to creativity in AI era

US gov sues Live Nation-Ticketmaster to break up market monopoly

Reject all cookies but get them anyway? Websites abusing “legitimate interest”

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked