Retirement Plan Cyberattacks a Real Threat for Fiduciaries

Retirement plan cyberattacks are no longer a science-fiction plotline; they are today's reality.  With the Russia-Ukraine conflict escalating, the risk of cyberattacks is rising, and human resources professionals must be hyper-vigilant about potentially disruptive cybersecurity threats, according to experts cited in a recent HR Dive article.

Should an outage or attack occur, HR professionals will be tasked with putting business continuity plans into action, plans that should be written and rehearsed well before any incident.  That charge requires coordination between business units and the IT department to get operations back on track.  In this vein, the Boy Scout motto has never been more applicable:  “Be prepared.”

Specifically, one of HR’s key roles in the event of a cyberattack will be translating key messages and protocols into language that everyone can understand, from the CEO to mail room clerks.  Clear communication both keeps the workforce calm and serves as a compliance measure.

The HR Dive article highlighted a few key things for HR professionals to keep in mind should they find themselves in the midst of a cyberattack:

  1. Have a Plan B.  Companies should be prepared with backups and redundancies, and plan as if a worst-case scenario is inevitable.  HR Dive gave the example of cloud-based storage: companies that rely on the cloud could, and should, make weekly backups and archives of key data, such as payroll information.  Those backups are only useful if they are stored separately from the production system, protected so that an attacker who compromises the primary data cannot also alter or delete them, and periodically restore-tested.
  2. Know how you’ll inform employees in advance.  Retirement plan cyberattacks bring chaos, so it is important to understand, well before an attack occurs, how to answer the questions of what data was affected and what the organization’s reporting obligations are.  HR Dive noted HR departments should:
    • Determine what counts as a triggering event
    • Know the post-attack window in which they are obligated to inform employees, and whether only affected employees or all employees must be notified
    • Know whether a government entity must be contacted
    • Understand the breach-notification rules in their state, and the rules that apply to remote workers in other states
  3. Triage the situation and go from there.  HR teams should determine how sensitive the compromised data is and how much of it was exposed.  A response plan is critical, including offering employees defensive services, such as free credit monitoring if Social Security numbers were stolen, and engaging forensics teams to investigate the breach.  HR departments are vital in, as HR Dive put it, helping employees “pick up the pieces”.  Cybersecurity in employer-sponsored retirement plans is another component to keep in mind, especially given the volume of sensitive employee data those plans hold.
  4. Remain level-headed.  HR professionals should be prepared to manage employees’ emotional responses to a cyberattack.  It is vital to be clear and transparent in times of crisis, and it is also acceptable not to have all the answers, as long as employees are told so.

Cybersecurity conversations should be catalysts for lasting change.  Today’s environment is a reminder that retirement plan cyberattacks need to be top of mind for HR and IT teams.
