One of the world’s largest staffing companies has revealed a significant data breach involving nearly 145,000 individuals, after cybercriminals struck its Michigan office systems late last year.
The staffing firm, part of a multi-billion-dollar global enterprise operating in more than 2,700 offices worldwide, notified Maine’s Attorney General that attackers had infiltrated its Lansing, Michigan, IT infrastructure between December 29, 2024, and January 12, 2025, likely stealing sensitive personal and corporate data. The breach was discovered when the company investigated an IT outage on January 20, 2025. Notifications were only issued from July 28, 2025, once investigators confirmed that personal information may have been compromised.
RansomHub Claims Responsibility, Data Vanishes
The notorious ransomware group RansomHub, also known as Cyclops and Knight, claimed responsibility for the attack shortly after the breach was confirmed. According to cyber threat postings, they exfiltrated approximately 500 GB of data, including passport scans, ID documents, Social Security numbers, financial records, correspondence, and human resources analytics. Disturbingly, they later removed the company’s name from their leak site—suggesting a possible ransom was paid to suppress publication.
RansomHub has previously targeted high-profile organisations in the United States and Europe, including healthcare, oil, telecom, and auction sectors, and breached over 200 critical infrastructure entities by August 2024.
Data Protection and DPDP Act Readiness: Hundreds of Senior Leaders Sign Up for CDPO Program
Company Responds With Credit Monitoring, FBI Engagement
In response, the firm has launched both security enhancements and a cooperation protocol with the FBI to trace the attackers. They are offering affected individuals free credit monitoring and identity theft protection through Equifax to mitigate potential fallout.
This breach underscores the critical vulnerability of global staffing and recruitment systems amid growing ransomware sophistication. Cybersecurity experts note that large-scale data thefts coupled with delayed notifications heighten the risk of identity theft, corporate espionage, and long-term reputational damage.