Manpower, one of many world’s largest staffing firms, is notifying almost 145,000 people that their info was stolen by attackers who breached the corporate’s methods in December 2024.
Along with Experis and Expertise Options, the corporate is a part of ManpowerGroup, a multinational company with over 600,000 staff in additional than 2,700 workplaces and serving over 100,000 shoppers worldwide. Final 12 months, ManpowerGroup reported revenues of $17.9 billion and a complete gross revenue of $3.1 billion.
In accordance with a data breach submitting with the Workplace of Maine’s Lawyer Normal this week, Manpower is now alerting 144,189 people who have been impacted by a data breach after undisclosed attackers gained entry to the corporate’s methods in late December.
The corporate detected the incident whereas investigating an IT methods outage at its Lansing, Michigan, workplace on January 20.
“Via that investigation, we realized of data suggesting that an unknown actor gained unauthorized entry to our community between December 29, 2024 and January 12, 2025 and doubtlessly acquired sure information, a few of which can have contained sure people’ private info,” Manpower says in breach notification letters despatched to affected people.
“On or about July 28, 2025, Manpower of Lansing realized that your private info could have been concerned in reference to the incident which is the rationale for this notification.”
After discovering the incident, the corporate states that it has strengthened its IT security to forestall future breaches and is now working with the FBI to carry the attackers accountable.
Manpower can also be providing these affected by this data breach free credit score monitoring and identification theft safety companies by means of Equifax.
Attack claimed by RansomHub ransomware
Whereas the corporate has but to attribute the assault to a selected risk actor or cybercrime group, the RansomHub ransomware operation claimed duty for the assault in January, after Manpower said that it had found the breach.
The ransomware gang claimed to have stolen roughly 500GB of knowledge from Manpower’s compromised methods, containing a variety of consumer and company info.
Because the attackers mentioned, the stolen information contained databases of shoppers, together with private and company knowledge (passport scans, IDs, SSNs, addresses, contact info, check outcomes, and different knowledge), years of company correspondence, monetary statements, HR knowledge analytics, in addition to confidential contracts and non-disclosure agreements.
RansomHub has since eliminated the Manpower entry from its darkish net leak web site, suggesting that the corporate could have paid a ransom to have the information deleted.
The RansomHub ransomware-as-a-service (RaaS) operation (beforehand often called Cyclops and Knight) surfaced in February 2024 and has since claimed many high-profile victims, together with oil companies large Halliburton, the Ceremony Support drugstore chain, Kawasaki’s EU division, the Christie’s public sale home, US telecom supplier Frontier Communications, the Deliberate Parenthood sexual well being nonprofit, and the Bologna Soccer Membership.
This ransomware gang additionally leaked Change Healthcare’s stolen knowledge after probably the most important healthcare breach lately, impacting over 190 million people, and the BlackCat/ALPHV ransomware operation’s exit rip-off.
One 12 months in the past, the FBI mentioned RansomHub associates had breached over 200 essential infrastructure organizations in the USA as of August 2024.
A Manpower spokesperson was not instantly accessible for remark when contacted by BleepingComputer at the moment.
46% of environments had passwords cracked, almost doubling from 25% final 12 months.
Get the Picus Blue Report 2025 now for a complete have a look at extra findings on prevention, detection, and knowledge exfiltration traits.
