Massive data breach at Adecco sparks major fraud trial in France involving 72,000 victims

News16 Jun 2025

One of France’s most serious data-related fraud cases opened this week at the Lyon correctional court, as 16 defendants face trial for a sweeping cybercrime operation linked to a breach of Adecco, the international employment agency. The case, which has affected over 72,000 people, centers on organized fraud and identity theft on a massive scale.

At the heart of the proceedings is a 20-year-old described by French investigators as possessing “exceptionally high intellectual capacities” and a persistent compulsion to discover and exploit digital vulnerabilities. Authorities allege that he continued to direct illicit activity using smuggled smartphones, even while in custody awaiting trial.

The investigation traces its origins to 2022, when a 19-year-old intern at an Adecco branch in Besançon, in the Doubs department, sold his login credentials to a contact via an encrypted messaging platform. Although promised €15,000 for the access, the intern reportedly never received payment and was soon arrested. His apprehension allowed investigators to begin mapping the extensive network behind the scheme.

With the stolen login credentials, hackers infiltrated Adecco’s internal systems and extracted sensitive data on approximately eight million jobseekers, including personal banking information. Leveraging this data, the group initiated widespread unauthorized withdrawals from individual accounts. The fraudulent charges, each for €49.85, just below the €50 threshold that typically flags suspicious banking activity, were carried out repeatedly and undetected over a period of time.

An estimated 33,000 people were directly impacted by these unauthorized debits, resulting in a confirmed financial loss of €1.6 million. An additional 40,000 attempted transactions were either blocked or later reimbursed. Banks affected by the scam, having refunded around €1.4 million to customers, have joined the legal proceedings as civil parties.

Beyond the Adecco breach, the investigation revealed a broader pattern of fraud dating back to 2019. Prosecutors allege that the lead defendant and his associates used phishing and social engineering techniques to impersonate individuals and businesses. These tactics enabled them to exploit various public assistance programs, including MaPrimeRénov, a popular energy-efficiency subsidy, prompting temporary suspension of the scheme due to suspected abuse.

Stolen data was also used to forge fake identification and social security documents, which facilitated the creation of numerous “mule” bank accounts. These accounts were instrumental in laundering the illicit gains from the fraudulent activities.

Adecco, which is headquartered in Villeurbanne for its French operations, is not on trial but has acknowledged a lapse in security procedures. The firm admitted fault in allowing an unsupervised intern to access highly sensitive national employment data.