Data on the payroll system includes names and bank details of current and past armed forces members, and in some cases addresses.
The system was managed by an external contractor.
The government has not found evidence that hackers removed data from the system, but is set to provide service people affected with further information about concerns related to the breach.
Read more: BBC, British Airways and Boots payroll hacked
Matthew Akrigg, policy and research officer at the Chartered Institute of Payroll Professionals, told HR magazine that payroll is often the first target of cyber attacks.
He said: “Payroll data is one of the most valuable assets for businesses. As such, it has become a target for malicious groups seeking to gain inside information or to ransom for profit.
“It is key that you have robust data controls and processes in place to limit your exposure to an attack. However, as the latest news has shown, this can happen to organisations despite the resources available to prevent such attacks, therefore it is also essential to have a relationship with a disaster recovery specialist, who can guide you through the specifics of dealing with the unfortunate aftermath.”
Charles Milton, VP strategic alliances at cybersecurity platform Censornet, said cybersecurity threats are becoming more frequent, while dedicated resources are shrinking.
Speaking to HR magazine, he said: “The sheer number of cybersecurity alerts facing businesses each day has grown exponentially. To stay secure, each alert needs investigating.
“And, to make matters worse, IT teams are shrinking. This is having a huge impact on the health of cybersecurity teams.”
Research from Censornet found UK small and medium businesses experienced a 37% surge in daily cybersecurity warnings over the 2023/ The volume of cyber security warnings rose from 597 in 2023 to 815 in 2024, leaving security professionals with just 87 seconds to review each security incident and decide what is a genuine threat.
Andrew Rose, chief security officer at human risk management platform SoSafe, said the responsibility for cybersecurity should not only fall on IT departments.
He told HR magazine: "HR departments, regardless of size, have to balance attention across both technology and people. Often, cyber security is left to the IT department, but this is no longer effective as it’s people who are at the centre of organisations’ defence against attacks. The focus must be on building a security-first culture and HR professionals must lead the charge in promoting a workforce that puts the human-factor at the centre."
Read more: Government invests in workplace cybersecurity
Milton said this means employers need to make all staff aware of security risks.
He said: “Organisations need to ask themselves: are employees putting the business at risk by choosing convenience over security? Do they even know the risks they are choosing?
“Strengthening the human firewall via training, and developing policies to drive cultural change are key in changing user behaviour. This can be done through a data-driven approach, with realistic phishing simulations and other training sessions to track an organisation’s human cyber risk and build and strengthen staff’s cyber defence skills.”
Censornet's research was conducted between 10th – 17th January 2024 by surveying 200 UK IT and security leaders.
