Employers should coordinate with their third-party administrators (TPAs) so that the TPAs notify plan participants of the potential vulnerability of their 401(k) accounts.
https://www.shrm.org/resourcesandtools/legal-and-compliance/employment-law/pages/lessons-from-data-breach.aspx