The classification of individual documents is not believed to have been higher than RESTRICTED.
Um, may I mention a fundamental security concept called 'aggregation'?
Yes, a single personnel record may only be RESTRICTED. (Actually, it would probably be RESTRICTED MANAGEMENT or whatever the appropriate protective marking is these days). But several thousand of them together should collectively be treated as a single package to be protected at a rather higher level. This falls naturally out of the definition of protective marking levels - what used to be called classifications - as being related to the risk posed by compromise of the material in question. The loss of ten thousand personnel files is by definition more serious than the loss of one, so a hard drive containing ten thousand personnel files should be protected at a higher level than any file on its own.