Around 15,000 Standard Life customers have been warned that they could face ID theft after a courier's blunder exposed their banking and pension details.
HM Revenue and Customs (HMRC) hired a courier to carry the data, which pertains to people who had opted out of state pensions, but two discs were misplaced.
The incident happened five weeks ago, and HMRC has only just warned that the individuals could be at risk.
"We very much regret the loss of some customer information, which went missing after it had been collected from us by our external courier, but before it had been delivered," said HMRC in a statement.
"We take the security of customer information very seriously and have notified the financial institutions concerned.
"We have also put in place precautionary measures to check our customer records for any fraudulent activity, and are taking steps to minimise the risks of a similar incident happening in the future."
For security reasons HMRC has refused to say whether the disk was encrypted.
"Standard Life immediately took all necessary security steps to protect those customers affected," said Yvonne Savage, PR manager for Standard Life Assurance Ltd.
"This included working with HMRC to contact customers to advise them of what had happened and suggest what additional security measures they should take to protect themselves.
"All customers who could potentially be affected will, by now, have received a letter from HMRC."
HMRC's data security record is not good at the moment. Last month it admitted losing a laptop containing sensitive banking customer data from the boot of a car.
Comcast's £29.7bn winning bid more than twice the £13.7bn Rupert Murdoch valued Sky at just eight years ago
A nuclear strike has been considered, but Bruce Willis is nowhere in sight
Spray-on antenna could enable seamless integration of antennas with everyday objects
Parker Solar Probe, TESS and GOLD missions will deliver exciting data, claims NASA