In 2024, the number of breaches of employee data will increase by 14%. This is the highest in six years.
An analysis by Nockolds found that reports of breaches involving employee data to the Information Commissioner’s Office jumped from 3208 in 2023 up to 3,679 2024. The number of breaches involving employee data has reached its highest level since 2019, when the ICO received 3,010 reports.
Nockolds stated that employers were finding it harder to implement the same security measures across all devices due to the increase in remote work since the pandemic. This also increases the likelihood of devices being lost or stolen and transported.
Joanna Sutton is a principal associate with Nockolds. She said that remote working poses new cybersecurity challenges to organisations. Employees are increasingly using personal devices and networks at home that lack robust security, which increases the risk of accidental or malicious data breaches.
The analysis revealed that the number of phishing attempts targeting employee data increased by 56% in just one year. From 486 to 758, this is a jump from 486. Phishing, a cyberattack, targets employee data. Attackers impersonate legitimate sources such as HR or IT in order to trick employees into divulging sensitive information, login details, or clicking malicious hyperlinks.
Sutton warned that breaches of employee data can have grave repercussions on HR teams.
She added, “Employers have sensitive information about their employees and are legally responsible to protect it.” “Unfortunately, employees are the weakest link in the organisational defenses, which is why the number of phishing attempts to trick employees into divulging private information has increased. This increase in attacks indicates that technical solutions will be needed to complement training of staff to recognize threats. HR will therefore play a key role.
She said that employee engagement is a critical component to effective cybersecurity. She said it was easy to compromise robust defenses because staff did not know or follow cybersecurity protocols. The rise of employee data breaches and phishing attacks against staff suggests that regular and enhanced training would be beneficial to employees as a response to emerging threats.
Nockolds said that organisations who give greater priority to cyber-security would be better able to defend themselves in the case of a breach. Nockolds said that employees would be more tolerant of data breaches if their policies were reviewed and updated regularly.
Subscribe to our weekly HR news and guidance
Every Wednesday, receive the Personnel Today Direct newsletter.
Personnel Today has the latest HR job openings.
Browse Human Resources Jobs
