Manpower, a staffing company, admits to suffering a data breach

Manpower Data Breach Affects 144,189 Individuals

In a concerning turn of events, Manpower, a leading global staffing agency, has confirmed a data breach that affected 144,189 individuals. The breach occurred at one of Manpower's franchises located in Lansing, Michigan, between December 29, 2024, and January 12, 2025.

The unauthorized access to Manpower's network was initially detected during an investigation of an IT outage on January 20, 2025. On the same day, the company launched an investigation and implemented enhanced security measures to prevent future incidents.

During the breach, an unknown actor potentially acquired certain files containing personal data. The personal information of the affected individuals, including their names, was compromised. However, the specific Lansing office's local systems were the only ones affected, as the Lansing franchise operates on an independent data platform, making the incident isolated to the specific franchise.

The identity of the unknown actor who gained unauthorized access remains undisclosed. On January 22, the RansomHub ransomware group claimed an attack targeting Manpower, during which 500GB of data were allegedly exfiltrated. The company notified the FBI of the data breach.

ManpowerGroup is counseling the franchisee and supporting their efforts in managing the direct response to the data breach. Affected individuals have been notified and offered 12 months of complimentary Equifax credit monitoring and identity theft protection services.

This article was updated on August 13 to add comments from a ManpowerGroup spokesperson, who emphasised the company's commitment to protecting the personal information of its clients. The notification sent to affected individuals was issued on August 11, 2025.

The breach serves as a reminder of the ongoing threats posed by cyber-attacks and the importance of robust cybersecurity measures. Manpower continues to work diligently to address the incident and ensure the security of its networks and the personal data of its clients.