What happened to Manpower's data?

Manpower, one of the world's largest staffing companies, experienced a data breach that exposed personal information of 144,189 individuals in one of its franchises. The data breach was caused by a ransomware attack that occurred between December 29, 2024, and January 12, 2025.

How many people were affected by the Manpower data breach?

The Manpower data breach affected 144,189 individuals in one of the company's franchises.

What type of personal information was exposed in the Manpower breach?

The exposed data includes passport scans, IDs and driver's licenses, Social Security numbers, names and addresses, contact information, test results, years of corporate correspondence, financial statements, HR data analytics, confidential contracts and non-disclosure agreements, corporate bank statements, and spreadsheets detailing employees' hours and worksites.

Which Manpower office was affected by the breach?

The data breach affected Manpower's Lansing, Michigan office, where the company was investigating an IT systems outage that led to the discovery of the ransomware attack.

What is Manpower doing in response to the data breach?

Manpower is working with the FBI to hold the attackers accountable and is offering affected individuals free credit monitoring and identity theft protection services.

What type of business documents were compromised in the Manpower breach?

The compromised business documents included years of corporate correspondence, financial statements, HR data analytics, confidential contracts and non-disclosure agreements, corporate bank statements, and spreadsheets detailing employees' hours and worksites.

How long was the delay between discovery and notification in the Manpower breach?

There was more than a six-month delay between the discovery of the breach on January 20, 2025, and the notification of affected individuals on July 28, 2025.

Incident

Manpower staffing agency reports ransomware attack, data breach exposing 145K people

Q: When did the Manpower ransomware attack occur?

The ransomware attack on Manpower occurred between December 29, 2024, and January 12, 2025. The incident was detected on January 20, 2025, when the company was investigating an IT systems outage at its Lansing, Michigan office.

Q: When were affected individuals notified about the Manpower breach?

Manpower notified the affected individuals on July 28, 2025, more than six months after the initial discovery of the breach on January 20, 2025.

Q: How did Manpower discover the data breach?

The incident was detected on January 20, 2025, when Manpower was investigating an IT systems outage at its Lansing, Michigan office. The investigation revealed that an unknown actor had gained unauthorized access to their network.

Q: What did Manpower's investigation conclude about the breach?

The investigation concluded that 'an unknown actor gained unauthorized access to our network between December 29, 2024 and January 12, 2025 and potentially acquired certain files, some of which may have contained certain individuals' personal information.'

published: Aug. 12, 2025

Learn More

Manpower, one of the world's largest staffing companies, is reporting a data breach that exposed personal information of 144,189 individuals in one if its franchises. The data breach was caused by a ransomware attack that occurred between December 29, 2024, and January 12, 2025.

The incident was detected on January 20, 2025, when the company was investigating an IT systems outage at its Lansing, Michigan office. The investigation concluded that "an unknown actor gained unauthorized access to our network between December 29, 2024 and January 12, 2025 and potentially acquired certain files, some of which may have contained certain individuals' personal information".

Exposed data includes:

Passport scans
IDs and driver's licenses
Social Security numbers
Names and addresses
Contact information
Test results
Years of corporate correspondence
Financial statements
HR data analytics
Confidential contracts and non-disclosure agreements
Corporate bank statements
Spreadsheets detailing employees' hours and worksites

The company notified the affected individuals on July 28, 2025, more than six months after the initial discovery.

Manpower is working with the FBI to hold the attackers accountable. The company is also offering affected individuals free credit monitoring and identity theft protection services.

Manpower staffing agency reports ransomware attack, data breach exposing 145K people

Read More
Paraguayan Armed Forces IT team reports ransomware attack
Australian National University investigating claims of ransomware attack
Cincinnati Public Schools hit by ransomware attack
Minnesota State University-Moorhead hit by ransomware, struggling to …
Groveport Madison school district reports ransomware attack