Your 401(k) is the new identity theft target

An impostor phoned Alight Solutions, nan recordkeeper for Colgate-Palmolive's 401(k) plan, and identified herself arsenic a Colgate employee. She asked to update nan interaction accusation connected an account. Months later, nan full $751,430 equilibrium had been sent successful a azygous lump sum to a Las Vegas reside and slope account. The existent relationship holder, Paula Disberry, was surviving successful South Africa.

Disberry sued Alight, Colgate's benefits committee and BNY Mellon, nan plan's custodian, to retrieve nan money. The lawsuit was later settled connected undisclosed terms. The tribunal ne'er ruled connected whether Alight had to reconstruct nan funds.

In February 2026, nan Government Accountability Office told nan U.S. Department of Labor to rumor caller guidance connected status scheme subordinate data. The GAO cited eleven abstracted lawsuits revenge betwixt 2009 and 2024 nether nan Employee Retirement Income Security Act, nan national rule governing backstage status plans.

When relationship takeover hits a 401(k), nan user protections that govern in installments paper fraud do not apply.

 Sign up for my FREE CyberGuy Report

• Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox.
• For simple, real-world ways to spot scams early and enactment protected, sojourn CyberGuy.com - trusted by millions who watch CyberGuy connected TV daily.
• Plus, you'll get instant entree to my Ultimate Scam Survival Guide free erstwhile you join. 

REMOVE YOUR DATA TO PROTECT YOUR RETIREMENT FROM SCAMMERS

A stolen 401(k) shows really 1 telephone call, exposed individual specifications and anemic account-change safeguards tin drain status savings. (Kurt "CyberGuy" Knutsson)

How nan 401(k) relationship was drained

The Disberry lawsuit began erstwhile an impostor called Alight's Benefits Information Center. She gave Disberry's name, nan past 4 digits of her Social Security number, her day of commencement and nan mailing reside Alight had connected file. That was capable to clear nan telephone center's information check.

She past asked Alight to update nan interaction accusation connected Disberry's account. Alight did not nonstop an alert to Disberry's existing email reside aliases telephone number, some of which it had connected file. Instead, nan institution issued a impermanent password done nan mail.

Disberry's scheme had a 14-day waiting play betwixt an reside alteration and immoderate distribution. Her suit alleged that Alight skipped it. Within weeks, nan impostor logged in, requested a afloat payout, and BNY Mellon mailed a cheque to a Las Vegas address.

Why nan 401(k) relationship takeover isn’t an isolated case

Heide Bartnett, a erstwhile Abbott Laboratories employee, sued Alight complete a $245,000 401(k) distribution. She alleged that a hacker utilized nan scheme portal's "forgot password" characteristic to reset her credentials and trigger nan payout. Other status scheme recordkeepers person faced akin cybertheft lawsuits.

The problem extends beyond 401(k) accounts. The FBI's April 2026 Internet Crime Report recovered that Americans 60 and older mislaid $7.7 cardinal to net crime successful 2025, a 59% jump from nan twelvemonth before. Investment fraud accounted for $3.5 cardinal of those losses, making retirement-age savers a awesome target for online criminals. 

INSIDE A SCAMMER’S DAY AND HOW THEY TARGET YOU

Retirement relationship takeovers tin commencement pinch leaked names, commencement dates, partial Social Security numbers and reused passwords from past information breaches. (Kurt "CyberGuy" Knutsson)

How thieves return complete status accounts

Account takeovers statesman pinch accusation personification already has. Names, dates of birth, partial SSNs and email addresses look successful dark web breach dumps, often mixed pinch leaked passwords from unrelated services. When nan relationship holder reuses a password crossed accounts, hackers tin trial that breach information straight against nan recordkeeper's login portal.

Disberry's takeover bypassed nan login portal entirely. The impostor ne'er logged successful to Disberry's relationship directly. She called Alight's telephone center, utilized what she already knew astir Disberry to clear personality verification and had nan interaction accusation changed. After that, nan impermanent password Alight mailed went location only nan impostor could intercept.

Some thieves skip nan recordkeeper and spell consecutive for nan relationship holder. The New York Times documented nan lawsuit of Barry Heitin, a 76-year-old retired lawyer, who mislaid $740,000 successful 2024 aft receiving a telephone from personification claiming to beryllium a national fraud investigator. The caller convinced Heitin that his status accounts were nether onslaught and walked him done transferring nan money retired himself. He believed he was helping a national investigation.

How to protect your 401(k) and status savings

Federal protections for status relationship theft are limited, but respective account-level controls costs thing and whitethorn make takeovers harder.

• Turn connected multi-factor authentication connected nan recordkeeper portal. A stolen password is acold little useful erstwhile a one-time codification is required.
• Enable each account-change alert. Email and matter alerts for password resets, interaction accusation updates, reside changes and slope relationship changes are nan earliest signals that personification other has entree to your account.
• Ask your scheme administrator astir distribution holds. Some plans enforce a waiting play betwixt an reside alteration and immoderate distribution. Get nan argumentation successful penning and corroborate what triggers nan hold.
• Review statements quarterly. A caller slope relationship aliases a alteration successful interaction accusation shows up faster connected a quarterly reappraisal than connected an yearly one.
• Get an IRS Identity Protection PIN. The six-digit PIN, disposable astatine irs.gov/ippin, blocks fraudulent taxation returns revenge utilizing your SSN.
• Freeze your in installments astatine each 3 bureaus. A freeze blocks caller accounts from being opened successful your name. Equifax, Experian and TransUnion person offered free freezes since September 2018.

HOW TO STOP IMPOSTOR BANK SCAMS BEFORE THEY DRAIN YOUR WALLET

Multi-factor authentication, account-change alerts, in installments freezes and regular connection reviews tin thief protect your 401(k) earlier thieves strike. (Kurt "CyberGuy" Knutsson)

Where personality theft monitoring tin help

Account-change alerts connected nan recordkeeper portal only activity if nan recordkeeper sends them. The Disberry lawsuit showed what tin hap erstwhile those alerts spell unsent.

A beardown personality theft monitoring work tin adhd different furniture of protection by watching for suspicious activity beyond nan status scheme portal. Some services fto you nexus bank, in installments paper and finance accounts truthful you tin person alerts erstwhile unfamiliar transactions appear. In a status relationship takeover, that could thief emblem suspicious money activity moreover if nan recordkeeper misses nan outgoing transfer.

Many personality theft monitoring services besides watch for changes crossed your in installments reports, scan nan acheronian web for exposed individual accusation and hunt information agent aliases people-search sites for your details. Some plans besides see fraud solution support and personality theft security for eligible betterment costs.

How to cheque if your individual accusation was exposed

If you are unsure whether criminals person already exposed your information, return action now. Start pinch a free personality breach scan to spot whether your information appears successful known leaks. Early discovery gives you much power and helps you respond earlier fraud spreads. You tin besides cheque whether your individual accusation is already being utilized for personality theft, fraud aliases appearing connected nan acheronian web.

See my tips and champion picks connected Best Identity Theft Protection astatine CyberGuy.com

Kurt's cardinal takeaways

Retirement accounts tin consciousness abstracted from nan mundane fraud risks we perceive astir pinch in installments cards, email accounts and slope logins. But this lawsuit shows really quickly a 401(k) tin go a target erstwhile personification has capable individual accusation to fool a telephone halfway aliases reset relationship access. The scary portion is that a stolen status relationship whitethorn not travel pinch nan aforesaid user protections group expect from in installments paper fraud. That makes prevention and early informing signs moreover much important. Turn connected multi-factor authentication, alteration each relationship alert your scheme offers and inquire your employer aliases scheme administrator what happens aft an address, telephone number aliases slope relationship change. No 1 should person to find retired months later that their life savings disappeared. The earlier you spot suspicious activity, nan amended your chances of stopping nan harm earlier it becomes a financial nightmare.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Should status plans beryllium required to nonstop stronger alerts earlier immoderate awesome relationship alteration aliases distribution, particularly erstwhile someone's life savings are connected nan line? Let america cognize by penning to america astatine CyberGuy.comCyberguy.com

 Sign up for my FREE CyberGuy Report

• Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox.
• For simple, real-world ways to spot scams early and enactment protected, sojourn CyberGuy.com - trusted by millions who watch CyberGuy connected TV daily.
• Plus, you'll get instant entree to my Ultimate Scam Survival Guide free erstwhile you join. 

Copyright 2026 CyberGuy.com. All authorities reserved.