Cyber Incident Victim: Temporis

On January 27, 2015, the cybercriminal group Rex Mundi publicly disclosed a breach of Temporis, a French employment and recruitment agency operating as a franchised temporary work network. The attackers announced the compromise via their Twitter account (@rexmundi15), detailing their theft of confidential data from Temporis’ servers the prior week. The stolen data included the agency’s client list and a repository of job applicant profiles containing email addresses and user-generated passwords. Rex Mundi emphasized the risk of credential reuse, noting the compromised passwords could enable unauthorized access to applicants’ email accounts or other services. The group extorted Temporis, demanding 20,000 EUR in exchange for withholding the data from public release. After receiving no response to their ransom demand, Rex Mundi published the stolen information on a dark web site and provided a direct download link, which DataBreaches.net redacted in its reporting. The attackers criticized Temporis for valuing affected individuals’ privacy below the ransom amount.

Temporis detected the incident on January 19, 2015, when Rex Mundi first contacted the agency regarding the breach. The company issued a press release confirming the intrusion and stating it had notified all affected users. Approximately 24,000 compromised accounts were modified as a containment measure. Temporis asserted that no banking details or social security numbers were collected from applicants and therefore not exposed. The agency also claimed applicants’ CVs remained secure, though the basis for this assertion was not detailed. DataBreaches.net independently contacted Temporis for comment, receiving confirmation of user notifications and account modifications from a spokesperson. No additional technical details about the attack vector, duration of unauthorized access, or specific system vulnerabilities were disclosed by Temporis or Rex Mundi in the available reporting.