Breaches of employee data surged to the highest level in at least six years, jumping by 14% in 2024.

According to an analysis by law firm Nockolds, reports to the Information Commissioner’s Office (ICO) of breaches of employee data jumped from 3,208 in 2023 to 3,679 in 2024. The number of reported breaches relating to employees’ data is at the highest level since at least 2019 when 3,010 breaches were reported to the ICO.

Nockolds claimed that the surge in remote working since the pandemic had made it more difficult for employers to have the same security protections in place across all devices. It also means more devices being transported, and potentially lost or stolen, increasing the risk of physical breaches alongside cyber-attacks.

Data protection

What has cyber security got to do with HR?

Data breach at BBC: 25,000 employees affected

AI Act comes into force in EU: how will it affect HR?

Joanna Sutton, principal associate at Nockolds, said: “Remote working has introduced new cybersecurity challenges for organisations. Employees increasingly use personal devices and home networks that may lack robust security measures, increasing the risk of both accidental and malicious data breaches.”

The analysis also revealed that phishing attacks targeting employee data jumped by 56% over the past year, from 486 to 758. Phishing is a type of cyberattack in which attackers target employee data by impersonating legitimate sources like HR or IT to trick employees into revealing sensitive information, login credentials, or clicking malicious links.

Sutton said breaches involving employee data could have serious repercussions for HR teams.

“Employers hold sensitive information on staff and bear a legal responsibility to safeguard it,” she added. “Unfortunately, the weak point in organisational defences are often employees, which is why phishing attacks which try to trick employees into disclosing private data are on the rise. The increase in such attacks suggests that training staff to recognise threats will need to go together with technical solutions, which means that HR will play a pivotal role.”

She said employee engagement was a crucial component of effective cybersecurity. It was very easy for robust defences to be compromised because staff were not familiar with cybersecurity protocols or complying with them, she said. “The rise in employee data breaches, particularly phishing attacks directed at staff, suggests that there would be value in enhanced and regular training for employees in response to emerging threats.”

Organisations that give higher priority to cyber security would have a much stronger legal defence in the event of a data breach, Nockolds advised. Employees were also likely to be more understanding of unauthorised access to their data if policies were regularly reviewed, updated and stress tested.

Sign up to our weekly round-up of HR news and guidance

Receive the Personnel Today Direct e-newsletter every Wednesday

Email(Required) OptOut From time to time, we will send you emails about selected products, events and services from Personnel Today and OHW+ - but you can choose to opt-out at any time. If you do not wish to receive these emails, please tick this box.EmailThis field is for validation purposes and should be left unchanged.

Δdocument.getElementById( "ak_js_1" ).setAttribute( "value", ( new Date() ).getTime() );

/* = 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find('#gform_wrapper_129');var is_confirmation = jQuery(this).contents().find('#gform_confirmation_wrapper_129').length > 0;var is_redirect = contents.indexOf('gformRedirect(){') >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;var mt = parseInt(jQuery('html').css('margin-top'), 10) + parseInt(jQuery('body').css('margin-top'), 10) + 100;if(is_form){jQuery('#gform_wrapper_129').html(form_content.html());if(form_content.hasClass('gform_validation_error')){jQuery('#gform_wrapper_129').addClass('gform_validation_error');} else {jQuery('#gform_wrapper_129').removeClass('gform_validation_error');}setTimeout( function() { /* delay the scroll by 50 milliseconds to fix a bug in chrome */ }, 50 );if(window['gformInitDatepicker']) {gformInitDatepicker();}if(window['gformInitPriceFields']) {gformInitPriceFields();}var current_page = jQuery('#gform_source_page_number_129').val();gformInitSpinner( 129, 'https://www.personneltoday.com/wp-content/plugins/gravityforms/images/spinner.svg', true );jQuery(document).trigger('gform_page_loaded', [129, current_page]);window['gf_submitting_129'] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find('.GF_AJAX_POSTBACK').html();if(!confirmation_content){confirmation_content = contents;}jQuery('#gform_wrapper_129').replaceWith(confirmation_content);jQuery(document).trigger('gform_confirmation_loaded', [129]);window['gf_submitting_129'] = false;wp.a11y.speak(jQuery('#gform_confirmation_message_129').text());}else{jQuery('#gform_129').append(contents);if(window['gformRedirect']) {gformRedirect();}}jQuery(document).trigger("gform_pre_post_render", [{ formId: "129", currentPage: "current_page", abort: function() { this.preventDefault(); } }]); if (event && event.defaultPrevented) { return; } const gformWrapperDiv = document.getElementById( "gform_wrapper_129" ); if ( gformWrapperDiv ) { const visibilitySpan = document.createElement( "span" ); visibilitySpan.id = "gform_visibility_test_129"; gformWrapperDiv.insertAdjacentElement( "afterend", visibilitySpan ); } const visibilityTestDiv = document.getElementById( "gform_visibility_test_129" ); let postRenderFired = false; function triggerPostRender() { if ( postRenderFired ) { return; } postRenderFired = true; jQuery( document ).trigger( 'gform_post_render', [129, current_page] ); gform.utils.trigger( { event: 'gform/postRender', native: false, data: { formId: 129, currentPage: current_page } } ); if ( visibilityTestDiv ) { visibilityTestDiv.parentNode.removeChild( visibilityTestDiv ); } } function debounce( func, wait, immediate ) { var timeout; return function() { var context = this, args = arguments; var later = function() { timeout = null; if ( !immediate ) func.apply( context, args ); }; var callNow = immediate && !timeout; clearTimeout( timeout ); timeout = setTimeout( later, wait ); if ( callNow ) func.apply( context, args ); }; } const debouncedTriggerPostRender = debounce( function() { triggerPostRender(); }, 200 ); if ( visibilityTestDiv && visibilityTestDiv.offsetParent === null ) { const observer = new MutationObserver( ( mutations ) => { mutations.forEach( ( mutation ) => { if ( mutation.type === 'attributes' && visibilityTestDiv.offsetParent !== null ) { debouncedTriggerPostRender(); observer.disconnect(); } }); }); observer.observe( document.body, { attributes: true, childList: false, subtree: true, attributeFilter: [ 'style', 'class' ], }); } else { triggerPostRender(); } } );} ); /* ]]> */

 

Latest HR job opportunities on Personnel Today

Browse more human resources jobs