A cyberattack on Manpower’s Michigan office compromised data for 144,000 people. Meanwhile, Workday reveals a data breach in a widespread scam. Read about these incidents and the growing threat of social engineering.
Two major companies, global staffing agency Manpower and business software provider Workday, have recently disclosed that they were victims of cyberattacks. These separate incidents affected the personal information of thousands of individuals and highlight the growing threat of data breaches to both businesses and their customers.
Manpower Breach
Manpower, a leading staffing firm, announced that a cyberattack on one of its franchise offices in Lansing, Michigan, exposed the personal data of 144,189 people. The company discovered the unauthorized access on January 20th, 2025, after an IT outage.
A subsequent investigation found that a hacker had been in their network from late December 2024 to mid-January 2025. Although the company did not name the attackers, a group called RansomHub claimed responsibility for the breach.
While Manpower is a part of ManpowerGroup, a spokesperson confirmed that the franchise operates on its own data platform, making the incident isolated and not affecting the larger corporate network.
To help those affected, Manpower is providing free credit monitoring and identity theft protection for one year. The company has also informed the FBI and plans to cooperate fully in holding the culprits responsible.
Workday Breach
Separately, business software giant Workday revealed a data breach related to a third-party Customer Relationship Management (CRM) platform, a software used to manage customer interactions. The company stated that the breach was part of a “social engineering campaign” targeting many large organizations.
For your information, social engineering is a way of tricking people into giving up information, often by pretending to be someone trustworthy, like an IT person. In this case, hackers got access to basic business contact details like names, emails, and phone numbers. Workday says there’s no sign that customer data was accessed.
“There is no indication of access to customer tenants or the data within them. We acted quickly to cut the access and have added extra safeguards to protect against similar incidents in the future,” Workday’s statement reads.
The attack is similar to a wider series of breaches linked to the notorious ShinyHunters group. Hackread.com has previously covered this group’s activities, which have been targeting employees with fake calls, impersonating IT support to access corporate databases.
Its recent targets include well-known firms like Google, LVMH, Chanel, and Adidas. Google’s threat intelligence group, which had been investigating ShinyHunters, recently confirmed that their own Salesforce database was breached by the group.
