My HR dept leaked some data to a scammer, take any action or ignore?

I&#x27;m in some big multinational. I didn&#x27;t get my salary of last month; thought I&#x27;d give it a couple of days. Then HR contacts me, asking whether I really did not get my salary? What turns out:<p><pre><code> - someone with some personal email address (which didn&#x27;t contain any part of my name) contacted HR with my name, asking to change my bank account details - HR did (!), without at least asking to re-send from the professional mail account, preferably even signed and encrypted (as is nicely integrated in our email solution). - At pay day, HR transferred the salary to this new bank account - This scammer contacted them again, saying the salary was not received; could they please transfer it again? - HR sent them some proof of payment, revealing some data related to me (legal entity of my employer with address, exact salary of that particular month) - After that, HR thought to probably ask me, at which point the fraud became clear. </code></pre> HR tells me they&#x27;ll transfer the salary &#x27;soon&#x27;, so I&#x27;ll be kind to them and give them a couple of days.<p>What makes me feel bad particularly, is the data related to myself that leaked to this scammer in the process.<p>What would you do? Simply express how uncomfortable I am with that and forget?<p>I don&#x27;t want to &#x27;punish&#x27; the HR person that eventually made the mistake. But I also am upset that they leaked this data.