Staffing giant Manpower hit by major data breach - around 145,000 users affected, here's what we know

6 days ago 11

Phishing, E-Mail, Network Security, Computer Hacker, Cloud Computing Cyber Security 3d Illustration

(Image credit: Shutterstock)

Manpower says it detected an incident in late 2024
Almost 145,000 people had sensitive files stolen
Users should beware of scams and identity theft activity

Staffing giant Manpower has confirmed it suffered a cyberattack in late 2024 in which it lost sensitive data on almost 145,000 people.

The company has filed with the Office of the Maine Attorney General, detailing the breach, what it did to mitigate the threat, and how it helped its victims minimize the threat of follow-up attacks.

In the form, it said it spotted the attack while investigating an IT incident on January 20, noting, "Through that investigation, we learned of information suggesting that an unknown actor gained unauthorized access to our network between December 29, 2024 and January 12, 2025 and potentially acquired certain files, some of which may have contained certain individuals' personal information."

Escalating privileges

"On or about July 28, 2025, Manpower of Lansing learned that your personal information may have been involved in connection with the incident which is the reason for this notification."

In total, 144,189 people have been affected by the attack. Manpower did not say who was behind the incident, or what type of information was stolen.

However, BleepingComputer discovered that RansomHub, a known ransomware group and extortionist, claimed responsibility.

On their data leak website, RansomHub said it stole some 500GB of data, including client databases with personal and corporate information (passport scans, IDs, SSNs, addresses, contact information, and more), a lot of corporate communications, financial statements, confidential contracts, non-disclosure agreements, and more.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

However, the leaksters also later removed Manpower from their website, suggesting that the company paid the ransom demand. In the meantime, affected customers were offered free credit monitoring and identity theft protection through Equifax.

US Authorities Issue RansomHub Ransomware Alert
Take a look at our guide to the best authenticator app
We've rounded up the best password managers

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read Entire Article