Aegon - Online Security Issue?

I’d appreciate views and opinions about a disused financial account please…

I once held a Stocks & Shares ISA with Aegon/Cofunds. In 2019, I transferred all funds (and associated cash) to another provider and requested Aegon close the account. Long story short – as of today, I can still log in to the online account where some of my personal details are visible (i.e. full name, address, DoB and NI number).

I have contacted Aegon several times in recent years about this issue and it’s never been resolved to my satisfaction. Most recently (earlier this month) I “chatted” online to an Aegon customer services agent who advised that I input an incorrect password three times at which point the account would be automatically locked. I did not consider this to be a good solution so I didn’t follow the advice but instead posted a letter of complaint to Aegon Cofunds Complaints Team to request that the online account, and all personal data that Aegon are not legally mandated to retain, be permanently removed. I received a reply by email informing me that the account “had a nil balance and has been marked as closed/inactive”.

I don’t like the idea of leaving trails of digital breadcrumbs scattered about the Web but am I being overly sensitive about online security? After all, the account is password protected - although not a particularly secure password by today’s standards. Or is it time to involve the Financial Ombudsman?

Comments

  • MattMattMattUK
    MattMattMattUK Posts: 12,881 Forumite

    am I being overly sensitive about online security?

    I would say so, yes. If you want the password to be more complicated, then make it more complicated and totally unique. The data contained within the account will be on their systems for at least another six years, likely longer. None of those details you mention are public facing, they are within your account.

    It is odd that they never closed it as their stated policy is to close it when all funds are withdrawn, but I really do not think it matters that they have not.

  • born_again
    born_again Posts: 24,241 Forumite

    You would need to raise it as a complaint with Aegon 1st & go through their complaints process before taking it to FOS.

    Life in the slow lane
  • eskbanker
    eskbanker Posts: 41,010 Forumite

    Sounds like they're not recognising the distinction between one account and another, i.e. emptying/closing the ISA is completely separate from wiping an online account which can presumably be used to service multiple individual products.

    If they haven't addressed your complaint adequately, is it still open, or have you received a final response that you can now take to FOS?

    Alternatively (or as well) you could report them to the ICO for mishandling your personal data…

  • dunstonh
    dunstonh Posts: 121,465 Forumite

    as of today, I can still log in to the online account where some of my personal details are visible (i.e. full name, address, DoB and NI number).

    That is not unexpected. It happens with most platforms.

    I did not consider this to be a good solution so I didn’t follow the advice but instead posted a letter of complaint to Aegon Cofunds Complaints Team to request that the online account, and all personal data that Aegon are not legally mandated to retain, be permanently removed. 

    There is actually very little data they can remove. A lot of it will be retained up to several decades. Plus, the adviser you used will hold all your data indefinitely.

     but am I being overly sensitive about online security? 

    Partially yes. However, they can block online access.

    Or is it time to involve the Financial Ombudsman?

    The FOS cannot tell them to delete your data. Nor can the ICO (as there is no breach). Retaining your data is not an issue as they have the right to do so.

    However, as they can block online access and haven't done so as part of the complaint resolution (assuming it is a complaint resolution and not an unrelated response) then if that is their final response, then you could refer it to the FOS.

    I am an Independent Financial Adviser (IFA). The comments I make are just my opinion and are for discussion purposes only. They are not financial advice and you should not treat them as such. If you feel an area discussed may be relevant to you, then please seek advice from an Independent Financial Adviser local to you.
  • dogfonos
    dogfonos Posts: 112 Forumite

    In two weeks' time, it will be 7 years since there has been any money in the account and I requested the account be closed at that time. I quite agree that the personal data is not public facing and only available by logging in to the account (using a password) but in principle, why leave redundant accounts, containing personal details, accessible online? What's the point of that?

    That's what I did earlier this month:

    "[I] posted a letter of complaint to Aegon Cofunds Complaints Team to request that the online account, and all personal data that Aegon are not legally mandated to retain, be permanently removed. I received a reply by email informing me that the account “had a nil balance and has been marked as closed/inactive”."

    I followed Aegon's complaints process, as detailed on their website. I don't understand what Aegon's idea of "closed/inactive" means when the online account is still accessible today.

    I see your point. My letter of complaint made it clear that the issue I had was two-fold: Firstly, I made it clear that I wanted the online account, and online access to it, removed and secondly, I requested removal of personal data (that they were not mandated to retain). Aegon's email response (to my letter of complaint) I recently received made no mention of "final response" or similar. In fact, the email reply sounded quite casual and didn't mention the word 'complaint' and the sender was "APReferrals@Aegon.co.uk" and signed "Customer Care" whereas I had sent my letter of complaint to "AegonCofunds Complaints Team" as directed by their website.

  • dunstonh
    dunstonh Posts: 121,465 Forumite

    I followed Aegon's complaints process, as detailed on their website. I don't understand what Aegon's idea of "closed/inactive" means when the online account is still accessible today.

    A closed/inactive account doesn't mean the access has to be removed. The two things are not linked.

    For example, if someone has a GIA, then all their contract notes and transaction history will be in the document library. When doing capital gains tax queries decades down the road, they might want access to that data.

    I am an Independent Financial Adviser (IFA). The comments I make are just my opinion and are for discussion purposes only. They are not financial advice and you should not treat them as such. If you feel an area discussed may be relevant to you, then please seek advice from an Independent Financial Adviser local to you.
  • born_again
    born_again Posts: 24,241 Forumite

     I don't understand what Aegon's idea of "closed/inactive" means when the online account is still accessible today

    If you asked them to close the actual Stocks & Shares ISA account, that is what they will do. That will not remove the online access. So you would need to ask them to remove the online access. As above, they are 2 totally different things.

    Which would still leave your details on their system. As they will not remove them, in case HMRC come a-calling for any details.

    Life in the slow lane
  • dogfonos
    dogfonos Posts: 112 Forumite

    Just to clarify…

    I made it clear to Aegon that I wanted the online account, and online access to it, removed.

    I understand that financial organisations have a legal obligation to retain certain personal details and I have no problem with that if they store such info. in a secure manner but I don't see the benefit (quite the opposite) of such info. - or at least some of it - still being available via online login.

    I will follow this up first with Aegon and if I still find I have access to the online account, I'll contact the ombudsman.

    Just to say I won't be visiting this thread again. Thanks for all your thoughts and kind regards.
