Blue Sky Group (BSG) takes care of, among other things, our pension administration, answers your pension questions, collects the pension premium from your employer and arranges your pension benefit. The records show, among other things, since when you joined the pension scheme, how much pension you have accrued and your address details. This only contains information that is necessary to properly administer your pension rights.

Employers are legally obliged to accommodate the pension scheme for their employees outside their own company. This way, the pension is safe if the employer gets into financial trouble. Your pension fund works together with BSG for this.

There was a data breach at our pension administration organization Blue Sky Group after malicious persons were able to gain access to a mailbox via a phishing email. This means that personal data has come into the hands of people outside Blue Sky Group without intention.

This almost certainly concerns data such as names, bank account and policy numbers and pension amounts of participants who receive a pension or participants for whom a value transfer has taken place. It follows from a preliminary analysis that no personal data has been leaked from participants who have not yet retired.

There is a possibility that those who have obtained certain personal data, will try to impersonate someone else. They can use this to approach companies or banks, for example. All companies are very aware of that these days.

Another possibility is that they approach you by email or telephone, pretending to be Blue Sky Group or your pension fund. From the preliminary analysis, it appears that your phone number or email address is not in the files. It is important to keep in mind the usual rules of thumb in this area:

The rules of thumb that can help you and us to prevent fraud are:

• Pay close attention to the email address, sender and spelling mistakes. Criminals can impersonate Blue Sky Group or your pension fund.
• Blue Sky Group or your pension fund never asks for passwords or changes by e-mail or telephone (including transferring money).
• Do not transfer money to other account numbers than you did before and do not share confidential information by e-mail.
• If in doubt, please contact us to verify that a request or email is authentic.

Report phishing and any other fraudulent activity to us so that further action can be taken.

No, your pension is not at risk. You don't have to worry about this. They had no access to the administration.

No data has disappeared. All your data is still available to us, so that we can continue to do our work for you. However, this data may have been copied and in the hands of malicious parties.

It is not necessary to change your password. Passwords are not part of the leak.

There are no risks for your own PC, laptop or tablet. 

U loopt geen risico met uw eigen PC, laptop of tablet. Het datalek heeft plaatsgevonden op de servers van Blue Sky Group en niet op die van individuele deelnemers. Wel is het van belang om alert te blijven en niet in te gaan op vragen naar gebruikersnamen en wachtwoorden.

Pensioenfonds Staples en Blue Sky Group vragen u nooit via mail of telefoon om uw gegevens te wijzigen en vragen nooit naar gebruikersnamen en wachtwoorden.

Blue Sky Group, our pension administrator, has reported the incident to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) and filed a report with the police.

It is not possible to remove your personal data from our administration. We need your data for the implementation of the pension scheme.

We don't know who the hackers are. We are not in contact with them.

All data that may have been leaked will be analysed. Blue Sky Group has engaged a specialized research agency for this.

Blue Sky Group, our pension administrator, has taken a series of measures to minimize the chance of a recurrence.