Throughout its history, labor unions have provided representation to their members in negotiations regarding wages, workplace safety, and working conditions. Although unions have been instrumental in advocating for employees, they are also tasked with an expansive amount of record keeping related to their members. Although unions have managed these types of records for many years, as organizations continue to migrate from paper to digital record storage, they face increasing challenges related to cyber security.

In addition to a member's name and contact information, union membership databases typically contain a considerable amount of sensitive member information. Many unions represent workers in regulated industries (e.g., transportation, building/construction, logistics), which means they are required to maintain records (cloud-based etc.) of members' professional certifications/licenses, and identity verification. In many cases, these records contain members' Social Security numbers, drivers' license numbers, and other identifiers that are used to administer memberships, manage benefits, or for training purposes.

The aggregate of this sensitive information has made a number of union systems an attractive target for cyber-criminals. Recently, the Teamsters Local 175 was subject to a data breach as a result of an unauthorized breach of the union's computer systems that resulted in concerns that personal information may have been accessed during the attack. According to information that has been disclosed to the public, the breach has prompted an investigation into the incident with the help of cyber security expert(s) and letters of notification to affected members.

Events such as these illustrate that unions and labor unions are becoming increasingly involved in the digital risk environment that impacts corporations, hospitals, and banks. As unions move toward using online membership systems, digital files, and cloud-based communications, they face many of the cyber security issues faced by other larger businesses.

Unlike some of the larger employers, unions often have fewer technology staff and limited funds available for cyber security support. Union's primary mission is to serve their members by resolving issues that occur at work; therefore, cyber security is not a priority since maintaining the required level of cyber security for their many computer networks and system interfaces is difficult.

Another reason why unions face increased risk is due to the large number of historical records that unions retain on previous and current union members. Members can often remain with a union for years, and unions often contain historical records of multiple former members, apprentices, and retired members in membership databases. This results in unions potentially maintaining an enormous amount of personally identifiable information about individuals in their databases for extended periods after original data collection.

Unions and labor organizations are finding themselves increasingly impacted by the cyber risk environment that affects corporations, hospitals, and banks. Historically, labor groups have been moving toward the use of an Internet-based membership system, digital file formats, and cloud-based communications; however, as they interface with other larger businesses more often, they must now deal with the same types of cyber safety challenges.

While the number of technology personnel supporting labor groups may be small compared to other larger employers, the funds available for cyber safety are also smaller.

Unions have a long history of maintaining large volumes of archival material, including records about each union member. Given that union membership can last for decades, unions also maintain many archival records of not only current members but also many other historical records from previous members, apprentices, retirees, etc. Many unions have been collecting data on their members all along; as a result, they have large amounts of personal identifying data stored in their databases for extended periods.

Cybersecurity will probably still become an important consideration in protecting member personal information by labor glows as they change their digital systems and expand they are offering online services to union members. Regulatory compliance and maintaining worker confidence of which they represent require protecting member personal information from union standards.