Home > Security > Security News

Six Months On: Manpower Confirms Data Breach After RansomHub’s December–January Access

Published
Written by:
Vishwa Pandagle
Vishwa Pandagle
Cybersecurity Staff Editor
Hacker in Interview

After six months of a ransomware group claiming responsibility for the Manpower data breach, the staffing giant Manpower confirmed it had suffered a data breach. The official statement by the leading staffing firm publicly disclosed the incident this month. 

Details about the Manpower Data Breach

A Claim Depot notification stated that an IT outage was experienced by Manpower’s Lansing office on January 20, 2025. The incident impacted access to systems. 

RansomHub’s data breach and extortion post
RansomHub’s data breach and extortion post | Source: HackManac on X

Two days later, the RansomHub group made a dark web announcement claiming it had breached Manpower and exfiltrated 500GB of data. They also gave a deadline of 8 days for ransom payment.

“The companies' investigations revealed that a hacker had gained unauthorized access to the company’s network between December 29, 2024, and January 12, 2025,” the Claim Depot report added. 

During that time, personal information such as names, Social Security numbers, driver’s licenses, government-issued IDs, including passports and state ID cards, and medical data was stolen by the hackers, according to investigators.

The stolen data affected 144,189 individuals in the United States. This included 588 individuals in Texas, 11 in Maine, and 35 in Massachusetts. 

Targeting Manpower for Employee Data

Impersonation and identity theft are common tactics used to compromise large enterprises. For example, in the recent vendor breach of Air France and KLM, attackers gained access by targeting a third-party customer service platform. 

The attackers obtained names, contact details, and loyalty data and later used those fragments for phishing and identity-targeted attacks.

ManpowerGroup is one of the world’s largest workforce solutions companies, serving over 600,000 individuals and operating in more than 70 countries. Because it connects millions of workers with businesses across industries, it makes it a rich target for attackers seeking personal and corporate data.

This stolen data could be resold on the dark web markets for creating duplicate identity documents and duping organizations. 

Add a Comment
Related
microsoft windows
Microsoft August Patch Tuesday Fixes Critical Exchange, SharePoint, and Kerberos Flaws
NYT Report Links Federal Court Breach to Russia, Cites Unnamed Sources
ClickFix
ClickFix PowerShell Attack Chain Leverages Email Invite Lures, Spoofed MS Teams Login Pages
Hacker - Police - Laptop
BreachForums Takeover Allegedly Orchestrated by Law Enforcement, ShinyHunters Say
BlackSuit Ransomware Takedown Disables 9 Domains and 4 Servers, Seizes $1M
Apartment - Laptop - Hacker
Kimsuky APT Hackers Exposed in Alleged Breach Revealing Phishing Tools and Operational Data
Most Popular
microsoft windows
Microsoft August Patch Tuesday Fixes Critical Exchange, SharePoint, and Kerberos Flaws
NYT Report Links Federal Court Breach to Russia, Cites Unnamed Sources
Proton VPN Brings Split Tunneling Beta to Linux Users
Proton VPN Brings Split Tunneling Beta to Linux Users
ExpressVPN Named LinkedIn Premium Perk of the Month for August 2025
ExpressVPN Named LinkedIn Premium Perk of the Month for August 2025
Wikipedia Loses UK Online Safety Act Legal Challenge, but Age Checks May Not Apply Yet
Wikipedia Loses UK Online Safety Act Legal Challenge, but Age Checks May Not Apply Yet
ClickFix
ClickFix PowerShell Attack Chain Leverages Email Invite Lures, Spoofed MS Teams Login Pages
Microsoft August Patch Tuesday Fixes Critical Exchange, SharePoint, and Kerberos Flaws
NYT Report Links Federal Court Breach to Russia, Cites Unnamed Sources
Proton VPN Brings Split Tunneling Beta to Linux Users
ExpressVPN Named LinkedIn Premium Perk of the Month for August 2025
Wikipedia Loses UK Online Safety Act Legal Challenge, but Age Checks May Not Apply Yet
ClickFix PowerShell Attack Chain Leverages Email Invite Lures, Spoofed MS Teams Login Pages

Most Popular
microsoft windows
Microsoft August Patch Tuesday Fixes Critical Exchange, SharePoint, and Kerberos Flaws
NYT Report Links Federal Court Breach to Russia, Cites Unnamed Sources
Proton VPN Brings Split Tunneling Beta to Linux Users
Proton VPN Brings Split Tunneling Beta to Linux Users
ExpressVPN Named LinkedIn Premium Perk of the Month for August 2025
ExpressVPN Named LinkedIn Premium Perk of the Month for August 2025
Wikipedia Loses UK Online Safety Act Legal Challenge, but Age Checks May Not Apply Yet
Wikipedia Loses UK Online Safety Act Legal Challenge, but Age Checks May Not Apply Yet
ClickFix
ClickFix PowerShell Attack Chain Leverages Email Invite Lures, Spoofed MS Teams Login Pages
Microsoft August Patch Tuesday Fixes Critical Exchange, SharePoint, and Kerberos Flaws
NYT Report Links Federal Court Breach to Russia, Cites Unnamed Sources
Proton VPN Brings Split Tunneling Beta to Linux Users
ExpressVPN Named LinkedIn Premium Perk of the Month for August 2025
Wikipedia Loses UK Online Safety Act Legal Challenge, but Age Checks May Not Apply Yet
ClickFix PowerShell Attack Chain Leverages Email Invite Lures, Spoofed MS Teams Login Pages

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2025 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: