The short answer is yes.
A data breach involving more than four million federal employees was announced in early June. The breach, involving the U.S. Office of Personnel Management (OPM), involved personnel records and security clearances.
During the breach, hackers gained access to the financial, health, and personnel files of members of the military, and others, who applied for government security clearances. In addition, sensitive information belonging to millions of friends and family members of clearance applicants was siphoned off in the hack. The stolen data could be used to identify specialists, scientists, and others operating covertly in foreign countries.
Thefts of employee, financial, and healthcare data is, unfortunately, becoming more and more common. Earlier this year, investigators linked attacks on healthcare insurers Anthem, Premera Blue Cross, and CareFirst to Chinese hackers. The Anthem attack alone is believed to affect close to 80 million consumers. Even Donald Trump is not immune. Krebs on Security recently revealed that Trump Hotels suffered a data breach extending back months. And while the Target data breach of 2013 startled consumers and banks, the provision of free security monitoring to compromised consumers is now mainstream.
A serious breach of HR files could occur to any business, or enterprise. What can you do about it?
Hot issues for HR cyberscecurity
Outstripped legacy systems and practices are not just a problem of the federal government. Businesses of all size are vulnerable to internal and external intruders. The vast security weaknesses evident in federal systems are mimicked each day in business, state, non-profit and other information technology (IT) systems.
The IT security challenges facing most business today include:
Jaime, thanks for posting! We were just talking about this topic on a webinar the other day. (Data for Good, Data for Evil and the Aggregation of Everything) I think we take for granted that our data is secure. We see the speed of technology and innovation outpacing the legislation around our data and I think most people are quick to forget these huge breaches if they are not directly touched by it.