Incident Overview

A threat actor going by DumpSec is claiming to sell data from MyConnect (Myconnect Interim), a French digital temporary employment agency that connects workers with companies looking for interim staff. The actor states this follows a previous breach of Adecco, suggesting a pattern of targeting staffing and employment platforms in France.

According to the listing, the breach reportedly contains around 125,000 records along with a substantial document archive consisting of 21,106 files across 15,978 folders. The documents allegedly include national identity cards (CNI), RIB banking documents, photos, signed documents, and birth certificates — highly sensitive personal and financial information that could be leveraged for identity theft or fraud.

The extracted data fields listed in the post cover a wide range of personal identifiers: full names, email addresses, mobile and home phone numbers, physical addresses, birth details (place, department, date), maiden names, social security numbers, national ID card numbers with issue and expiration dates, and full banking information including bank name, IBAN, and BIC codes. The threat actor is offering the data to a single buyer at an open price, with transactions handled exclusively via Session messenger using cryptocurrency.