Don't get left in the dark. Eclipse Special: Save $20 on professional membership with code ECLPS17
HR professionals share their advice for minimizing worker stress and boosting retention.
Is your employee handbook ready for the changing world of work? With SHRM’s Employee Handbook Builder get peace of mind that your handbook is up-to-date.
Virtual SHRM-CP/SHRM-SCP Certification Prep Seminars kick off September 12 and fill up fast!
Expand your influence and learn how to become an effective leader. Join us in Phoenix, AZ | OCTOBER 2 - 4, 2017
HR professionals who work for Gannett Co. Inc., were the victims of a cyberattack that exposed the data of 18,000 current and former Gannett employees.
Gannett publishes USA Today and more than 200 other news publications worldwide.
McLean, Va.-based Gannett warned workers that "hackers may have had access to their personal information after the e-mail accounts of people who work in its human resources department were broken into," reported the Associated Press.
Gannett said there was also an unsuccessful attempt to wire transfer corporate money.(The Associated Press)
The breach was discovered March 30.
Gannett said several of its HR employees had been the victims of a phishing attack. Hackers tricked HR professionals into giving them access to their e-mail accounts and corporate logins. The login credentials gave hackers access to employees' data.
The company told employees via letters that their Social Security numbers, banking details and other personal information may have been compromised.
Gannett, which also publishes The Arizona Republic, the Detroit Free Press, The Des Moines Register, and The Tennessean, reportedly notified authorities and offered current and former employees free credit monitoring.
[SHRM members-only toolkit: Record-Keeping Policy: Safeguarding Social Security Numbers]
HR departments make easy targets, experts say, because they're the keepers of a treasure trove of personal information. Between January and March of 2016, more than 55 companies were reportedly tricked into e-mailing cybercriminals sensitive payroll data, SHRM Online reported.
In most cases, junior HR professionals were duped when they received fake e-mail messages from hackers posing as senior company officials. They fell for the scam and e-mailed W-2s to cyberthieves—despite company policy against sending sensitive information over email. Crooks then took the W-2s and filed fake federal tax returns and claimed refunds from the government.
Some HR professionals have been fired for exposing private data.
Video: Watch, Listen, Learn
If you've been the victim of a W-2 phishing attempt, this video can show you what steps to take next.
Additional Tips for HR
Experts offered these tips to help HR professionals so they avoid being compromised by cyberthieves:
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Your session has expired. Please log in again before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
Choose from dozens of free webcasts on the most timely HR topics.
SHRM’s HR Vendor Directory contains over 3,200 companies
[/_catalogs/masterpage/SHRMCore/Main.master][Title][SHRM Online - Society for Human Resource Management]