Dear CUPE members,
As you may be aware, the administrators of the Nova Scotia Health Employees’ Pension Plan (NSHEPP) have notified all plan members and unions that Accellion (the third-party secure email vendor for the pension plan) experienced a privacy breach that may have compromised personal data.
An investigation was conducted, which found that it was possible for data on the plan’s server to be accessed between November 25, 2020 and January 25, 2021. Data stored on the server includes names, addresses, dates of birth, social insurance numbers, salaries, identifier numbers, dates of hire, dates of termination and dates of retirement.
CUPE representatives were notified about the breach by the Stefan Colwell, CEO of the pension plan. At this time, we are satisfied that the necessary measures are being taken to secure the system and prevent further breaches.
It is not certain that any personal data was accessed, but we are confident that the NSHEPP took the appropriate actions, shutting down the Accellion server, implementing security measures, and hiring a third-party to assist with the process.
All plan members should have received a letter from the NSHEPP, or will soon, explaining the incident and providing them with details about how to register with Equifax. We urge all CUPE members who are part of the pension plan to follow these steps recommended by plan administrators:
- Use NSHEPP’s two-factor authentication for secure email.
- Watch for a letter from NSHEPP that will explain how to sign up for one year of credit monitoring and fraud protection, made available through Equifax.
For related updates and Frequently Asked Questions, please visit the website at www.nshepp.ca. Questions can be directed to the NSHEPP at 1-866-349-3177 (toll free) or by email at email@example.com.
CUPE NS President
CUPE Atlantic Regional Director