Leak at HelloWork
In late December 2025, French recruitment platform HelloWork disclosed that data on roughly 2.8 million jobseekers — names, emails and professional-profile details — was scraped from its CV library via a fraudulently used recruiter account and offered for sale online.
- Victim
- HelloWork
- records
- 2.8M
On 27 December 2025, HelloWork — one of France's largest online recruitment and job-search platforms — notified users that data on roughly 2.8 million jobseekers had been stolen from its CVthèque (CV library). The company was alerted on 24 December after a database attributed to the platform appeared for sale on a cybercrime forum (BreachForums); the underlying data is believed to date from around June 2025.
HelloWork said the incident did not stem from a direct intrusion into its systems. Instead, it resulted from the fraudulent use of a legitimate recruiter account, which was abused to mass-extract candidate profiles from the CV library. Passwords and banking details were not affected.
The exposed records covered jobseekers' professional profiles, including:
- First and last name
- Email address
- Desired role / job sought
- Qualification level
- Work experience
- Industries of interest
- Contract types sought
- Geographic mobility areas
HelloWork said it secured the affected data and tightened controls on recruiter-account access. The company filed a criminal complaint and notified France's data-protection regulator, the CNIL, in line with breach-disclosure obligations. It warned affected users to stay alert to phishing, fake-recruiter approaches and other scams that could exploit the leaked profiles.
Sources
- funinformatique.comhttps://www.funinformatique.com/fuite_de_donnees/hellowork/
- tpeactu.frhttps://tpeactu.fr/2025/12/27/hello-work-vol-donnees-cvtheque/
- aimgroup.comhttps://aimgroup.com/2026/01/08/rogue-recruiter-account-led-to-data-breach-at-hellowork/