How to Survive an Employee Data Breach

  • By David Lukic
  • Published: Dec 08, 2020
  • Last Updated: Mar 18, 2022

As if it weren’t bad enough that we hear about massive data breaches (Equifax, Experian, Home Depot, Target, etc.) on the news each night, now you have to protect your own business against hacking, ransomware, and even employee data breaches.

Employee data that you collect when you hire someone is private information and can contain sensitive details like a background check, security clearance, medical information, social security numbers, and even employee bank accounts along with other valuable tidbits that identity thieves would love to get their hands on. It’s up to you to protect your employee information, and if you don’t, you could be in hot water. 

It can happen to large and small companies; size does not matter. Hackers can get in anywhere. You need to know how to respond to and survive an employee data breach, even one that includes a salary data leak.

How to Respond to an Employee Data Breach

Take Inventory and Take Charge

The first step you need to take is to get to know your data real fast. Figure out what was accessed in the employee or company information leak. Follow the flow of information in and out of your company and research the processes to determine where the breach occurred.

Next, figure out who will take charge of the situation and pick a single point of contact. Does the responsibility fall on the shoulders of your IT guy, or maybe the head of cybersecurity, or possibly even the CEO or CIO? One person should be leading the investigation and managing communication about the incident. Your point person can handpick their team to get everything back on track.

Communicate to Employees/The Public

Instead of trying to cover things up, transparency works best in these types of situations. Tell the public and your employees the truth. Let them know what information was taken and how it may affect them. You may even plan on holding identity theft sessions to teach your staff how to prepare and deal with it if they become a victim as a result of your data breach. Be prepared for the fallout, calls, emails, questions, and panic.

Designate someone to handle the communications aspect of things and assure everyone that you are doing all you can to plug the leak, minimize the damage and avoid these types of issues going forward. People want to know you are confidently taking care of it. 

Compliance also comes into play, and you may need to inform regulatory committees or government agencies about the data breach and accept the consequences for not keeping your employees’ data safe.

Some states like Massachusetts have enacted data breach laws that require specific companies to provide identity theft assistance and credit monitoring for a year or more after a data breach. IDStrong.com is a trusted resource and can provide these services to be in compliance.

Figure Cost into the Picture

Any size data breach is going to cost you money. It will cost dearly to pay security experts to evaluate your network and plug the holes, and investigators to track down the thieves. Not to mention the fact that you may have to pay damages, and there could be lawsuits from employees or others affected. Don’t forget that trust is a big issue. If your customers feel that you are untrustworthy, it could cost you sales as well. You need to figure out a plan on how to position the information to reduce the overall cost. 

Going forward, you will need to fortify your systems and put into place better security. Often, taking those steps is not cheap either. Some companies invest in cybersecurity insurance policies, so you may have some leeway there and may not have to shoulder the financial burden alone. 

Plan Ahead so an Employee Data Breach Doesn’t Happen Again

The most important step, once you get the day-to-day activities back online and alleviate everyone’s concerns, is to plan ahead so it never happens again. Some steps to take here are:

  • Hire the best IT/cybersecurity experts you can to secure your networks, computers, and other assets.

  • Work with HR and management to improve your processes.

  • Put into place a strict need-to-know-only policy for private information.

  • Install the best ransomware, antivirus, and anti-malware software you can afford. 

  • Get to know the bad guys who might want your information. Knowing the enemy will help you safeguard against them. 

  • Monitor and log all network activity and install video cameras in areas where sensitive information is stored. Log everything so you can review it later.

  • Educate your staff about phishing emails, strong passwords and proper controls, so they don’t inadvertently let some scoundrel in the back door via their computer.

  • Hire one person to be the overseer/gatekeeper for security, so you have a responsible party on it, at all times.

  • Once you have your new security system in place, test it thoroughly. Look for any weak links. Hire security experts to attempt to breach your network so you will have confidence in its ability to thwart criminals going forward.


Although it is impossible to protect your business 100%, a data breach has a silver lining. It will help you be much more prepared for the future and secure your previously vulnerable assets.
