Ransomware victim disclosure
← All victimsWORKERS.COM
listed as workers.com.zm Breach · Claimed by Funksec · listed 2 years ago
Status timeline
- ListedDec 10, 2024
- Data leakeddate unknown
At a glance
- Group
- Funksec
- Status
- Data leaked
- Country
- Zambia
- Sector
- Technology
- Listed on leak site
- Dec 10, 2024
About the victim
AI dossier — public-source company profileWORKERS.COM is a nationwide staffing and recruiting agency headquartered in the San Francisco Bay Area, California, operating across all 50 US states since 1989. They specialize in blue-collar and skilled trades recruitment, placing workers in light industrial, skilled trades, engineering, manufacturing, construction, warehouse, transportation, office/clerical, and events staffing roles.
- Industry
- Staffing & Recruiting Services
- Address
- San Francisco Bay Area, CA, USA (headquarters); operates nationwide across all 50 states
- Founded
- 1989
Attack summary
Severity: medium — Confirmed exfiltration of PII (names, contact details) at scale from a staffing platform with user database exposure. No regulated financial or healthcare data confirmed, and no operational disruption claimed. Data published but proof file count not specified.The funksec group claims to have breached workers.com.zm (Zambian domain) and exfiltrated sensitive user information including names, contact details, and possibly employment histories. The breach is attributed to inadequate data protection measures.
Data the group says was taken
AI dossier — extracted from the leak post- User names
- Contact details
- Employment histories
- Job seeker records
Original description
AI-summarised, not from the leak postThe "workers.com.zm Breach" refers to a data security incident involving the Zambian employment portal, workers.com.zm. In this breach, sensitive user information, such as names, contact details, and possibly employment histories, was exposed due to inadequate data protection measures. This incident underscores the importance of robust cybersecurity practices to protect personal information from unauthorized access.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

