{
	"id": "b3f36550-9b53-4260-a674-9daab4a35ec2",
	"created_at": "2026-04-06T00:13:58.424579Z",
	"updated_at": "2026-04-10T03:20:54.622747Z",
	"deleted_at": null,
	"sha1_hash": "fb77550c43039353a530b0dde5bf2c7fa21c81b4",
	"title": "Largest global staffing agency Randstad hit by Egregor ransomware",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2019768,
	"plain_text": "Largest global staffing agency Randstad hit by Egregor ransomware\r\nBy Lawrence Abrams\r\nPublished: 2020-12-04 · Archived: 2026-04-05 17:00:34 UTC\r\nStaffing agency Randstad NV announced today that their network was breached by the Egregor ransomware, who stole\r\nunencrypted files during the attack.\r\nRandstad is the world's largest staffing agency with offices in 38 markets and the owner of the well-known employment\r\nwebsite Monster.com. Randstad employs over 38,000 people and generated €23.7 billion in revenue for 2019.\r\nThis week, the Egregor ransomware operation published what they claim is 1% of Randstad's data stolen during a recent\r\ncyberattack. This leaked data is a 32.7MB archive containing 184 files, including accounting spreadsheets, financial reports,\r\nlegal documents, and other miscellaneous business documents.\r\nhttps://www.bleepingcomputer.com/news/security/largest-global-staffing-agency-randstad-hit-by-egregor-ransomware/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/largest-global-staffing-agency-randstad-hit-by-egregor-ransomware/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nEgregor ransomware data leak site\r\nAfter the threat actors published their data, Randstad issued a security notification confirming that the Egregor ransomware\r\noperation attacked them.\r\nRandstad states that only a limited number of servers were impacted and that their network and business operations\r\ncontinued to operate without disruption.\r\nThe company confirmed that data was stolen but is still investigating whether the personal data of clients of employees was\r\naccessed. At this time, they believe that only data related to their operations in the US, Poland, Italy, and France was stolen.\r\n\"To date, our investigation has revealed that the Egregor group obtained unauthorized and unlawful access to our global IT\r\nenvironment and to certain data, in particular related to our operations in the US, Poland, Italy and France,\" Randstad \r\ndisclosed. \"They have now published what is claimed to be a subset of that data. The investigation is ongoing to identify\r\nwhat data has been accessed, including personal data, so that we can take appropriate action with regard to identifying and\r\nnotifying relevant parties,\" \r\nThe Egregor ransomware operation has been extremely active over the past week, with successful attacks against Metro\r\nVancouver's transit system TransLink and the big-box department store Kmart.\r\nEgregor is a new organized cybercrime ransomware-as-a-service operation that partners with affiliates to compromise\r\nnetworks and deploy their ransomware. As part of this arrangement, affiliates earn 70% of any ransom payments they bring\r\nin, and the Egregor operators make a 30% revenue share.\r\nThe ransomware gang began operating in the middle of September 2020 after a prominent ransomware group known\r\nas Maze shut down their operation. Threat actors told BleepingComputer that many of the affiliates that worked with Maze\r\nswitched to Egregor, which allowed the new operation to ramp up their attacks quickly.\r\nOther high-profile Egregor attacks include Cencosud, Crytek, Ubisoft, and Barnes and Noble.\r\nhttps://www.bleepingcomputer.com/news/security/largest-global-staffing-agency-randstad-hit-by-egregor-ransomware/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/largest-global-staffing-agency-randstad-hit-by-egregor-ransomware/\r\nhttps://www.bleepingcomputer.com/news/security/largest-global-staffing-agency-randstad-hit-by-egregor-ransomware/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/largest-global-staffing-agency-randstad-hit-by-egregor-ransomware/"
	],
	"report_names": [
		"largest-global-staffing-agency-randstad-hit-by-egregor-ransomware"
	],
	"threat_actors": [],
	"ts_created_at": 1775434438,
	"ts_updated_at": 1775791254,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/fb77550c43039353a530b0dde5bf2c7fa21c81b4.pdf",
		"text": "https://archive.orkl.eu/fb77550c43039353a530b0dde5bf2c7fa21c81b4.txt",
		"img": "https://archive.orkl.eu/fb77550c43039353a530b0dde5bf2c7fa21c81b4.jpg"
	}
}