Details of around 5,000 of MTV Networks' staff, including their names, dates of birth, social security numbers and even their salaries, have been compromised, the firm's parent company, Viacom, has revealed.
As news of the potentially serious identity theft incident broke over the weekend, Calum Macleod, European director with company security specialist Cyber-Ark, said the incident could have been avoided had the company used database encryption on its personnel files.
"Precise details of how the data was accessed have yet to be revealed, or whether the illegal access occurred as the result of an internal or external intrusion," he said, adding that, despite this, the clear message to other organisations worried about letting staff down in this way is to always encrypt the human resources information files.
"Using a data vault approach to HR files is a given in the modern world of employment, as companies owe a clear duty of care to their staff which, if they fail to meet, renders them liable to litigation, both by the relevant authorities and the staff themselves," he said.
"Perhaps worse there is the potential damage to a company's reputation when something like this happens. The depth of the fallout will become clear as further details of the apparent IT security faux pas are revealed in due course," he added.