Voya Financial webpage glitch exposes Social Security numbers of reps

Voya Financial Advisors Inc. on Friday told its brokers and financial advisers that a glitch on a biography webpage for its brokers put their Social Security numbers at risk of exposure.

According to a memo, Voya Financial Advisors’ information technology staff discovered the error on Nov. 29. The error manifested itself on the Voya Financial “Find a Professional” webpage; if someone pasted the link to a Voya broker’s biography webpage into a text message or on social media, the broker’s full Social Security number would display in the link.

Voya Financial Advisors had 1,800 registered reps and financial advisers with close to $51 billion in client assets at the end of 2017, according to InvestmentNews data. Information from 2018 is not yet available.

It was not clear from the memo how many advisers at the firm were affected by the webpage glitch.

“This matter was associated with a coding configuration issue — it did not involve any unauthorized access or disclosure of our advisers’ personal information,” Voya spokesperson Laura Maulucci wrote in an email. “A number of conditions would have been required for an adviser’s information to be seen. There was no evidence of any unauthorized viewing of personal information in this manner.”

The error on the webpage existed from April 9, 2016, until the end of November, according to the memo. The firm said that it had no evidence that the mistake revealing advisers’ Social Security numbers had been “maliciously exploited,” according to the memo.

Voya Financial Advisors recently reported other errors regarding data security. In September, the firm said it would pay $1 million to settle Securities and Exchange Commission charges regarding a data security breach that compromised the personal information of thousands of customers.

Firms have been tripping up recently by accidentally exposing confidential information about financial advisers. Last month, it was reported that BlackRock Inc. exposed sales — not personal — information on 20,000 financial advisers. And in November, LPL Financial took steps to safeguard financial advisers and their clients whose names, addresses, account numbers and Social Security numbers were exposed in a data breach.