In Focus: HR Targeted in Gannett Co. Inc. Hack Attack

By Aliah D. Wright May 4, 2017

HR professionals who work for Gannett Co. Inc., were the victims of a cyberattack that exposed the data of 18,000 current and former Gannett employees.

Gannett publishes USA Today and more than 200 other news publications worldwide.

McLean, Va.-based Gannett warned workers that "hackers may have had access to their personal information after the e-mail accounts of people who work in its human resources department were broken into," reported the Associated Press.

Gannett said there was also an unsuccessful attempt to wire transfer corporate money.(The Associated Press)

The breach was discovered March 30.

Gannett said several of its HR employees had been the victims of a phishing attack. Hackers tricked HR professionals into giving them access to their e-mail accounts and corporate logins. The login credentials gave hackers access to employees' data.

The company told employees via letters that their Social Security numbers, banking details and other personal information may have been compromised.

Gannett, which also publishes The Arizona Republic, the Detroit Free Press, The Des Moines Register, and The Tennessean, reportedly notified authorities and offered current and former employees free credit monitoring.

(Morning Star)


[SHRM members-only toolkit: Record-Keeping Policy: Safeguarding Social Security Numbers]


HR departments make easy targets, experts say, because they're the keepers of a treasure trove of personal information. Between January and March of 2016, more than 55 companies were reportedly tricked into e-mailing cybercriminals sensitive payroll data, SHRM Online reported.  

In most cases, junior HR professionals were duped when they received fake e-mail messages from hackers posing as senior company officials. They fell for the scam and e-mailed W-2s to cyberthieves—despite company policy against sending sensitive information over email. Crooks then took the W-2s and filed fake federal tax returns and claimed refunds from the government.

Some HR professionals have been fired for exposing private data.

(SHRM Online)

Video: Watch, Listen, Learn

If you've been the victim of a W-2 phishing attempt, this video can show you what steps to take next.



Additional Tips for HR


Experts offered these tips to help HR professionals so they avoid being compromised by cyberthieves:

  • Use common sense. Pick up a telephone and call and talk to the person who sought the sensitive data.
  • Don't send sensitive information by e-mail or text.
  • Train employees on cybersecurity awareness.
  • Don't click on links embedded in e-mails. Hover your mouse over all links and if a web address looks odd, don't click on it.
  • Look for spelling errors in both e-mails and the web addresses.

    Hackers are becoming more inventive.

    As SHRM Online reported earlier this year, HR departments were also targeted by hackers who sent ransomware embedded in job applications.

    "The cybercriminals behind the attacks demand about $1,000 in digital currency called bitcoin to restore data on infected computers," according to a recent blog post by Check Point Software Technologies Ltd.

     (SHRM Online)

    Was this article useful? SHRM offers thousands of tools, templates and other exclusive member benefits, including compliance updates, sample policies, HR expert advice, education discounts, a growing online member community and much more. Join/Renew Now and let SHRM help you work smarter.


Job Finder

Find an HR Job Near You
Post a Job


Join SHRM's exclusive peer-to-peer social network

Join Today


Find the Right Vendor for Your HR Needs

SHRM’s HR Vendor Directory contains over 10,000 companies

Search & Connect