New report exposes the nature of leaked information in data breach incidents
Human resources data has appeared in 82% of data breach incidents, according to a new analysis of millions of files leaked in the public domain.
The new analysis of Lab 1 is biggest ever content-level review of breached datasets, looking into 141 million individual files records sourced from 1,297 ransomware and data breach incidents.
It found that HR data, such as payroll, resumes, and personally identifiable information (PII), appeared in 81.7% of breaches.
Recruitment data also appeared in 58% of data breach incidents, containing information such as names, addresses, and contact details that are commonly included in resumes and cover letters.
"The fact that HR data was found in 82% of the analysed breaches should be a top concern for all company leaders, from the CHRO to the CISO," said Robin Brattel, Co-founder and CEO of Lab 1, in a statement to HRD.
Impact of leaked HR data
According to the report, breaches rich in HR content and correspondence are perfectly suited for AI-enabled weaponisation.
"These narrative-rich datasets can be used to generate synthetic identities, deepfake content, or voice-clone phishing attacks with high fidelity," the report read.
"It also significantly elevates the risk of advanced social engineering and psychological operations, especially in highly regulated industries."
The warning comes amid the prevailing vulnerability of employees to fall for phishing emails that impersonate HR or colleagues.
It also comes amid the growing cases of AI-generated deepfake personas to dupe employees, which in previous cases have led to millions of losses.
What can HR leaders do?
Measures to protect HR-related data are part behavioural and part security, according to Brattel.
"HR leaders and CISOs need to present an active and united front to embed day-to-day cyber discipline, rather than relying solely on training or policy documents," he told HRD.
Brattel added that HR leaders also need to advocate for employee protection to receive the same high level of priority as customer data.
"All in all, creating an environment of shared accountability and steady action will help organisations build the trust and protection that's important to their employees and their reputation," he said.
