• Home
  • cyber
  • MarketSource, Allegis Group, Aerotek and TEKsystems: Global talent management behemoth Allegis Group claimed by hacker gang
cyber Ransomware

MarketSource, Allegis Group, Aerotek and TEKsystems: Global talent management behemoth Allegis Group claimed by hacker gang

Sep 10, 2025 2 min read
MarketSource, Allegis Group, Aerotek and TEKsystems: Global talent management behemoth Allegis Group claimed by hacker gang

Allegis Group Hit by Everest Ransomware Gang in Major Data Breach

The global talent management firm Allegis Group, a $10 billion enterprise with subsidiaries including Aerotek, TEKsystems, and MarketSource, has been targeted by the Everest ransomware gang. The attackers claim to have stolen sensitive client data, posting screenshots of two datasets one with 135,000 entries and another with 426,000 entries containing names, email addresses, and phone numbers on their dark web blog.

While the gang has only released limited previews, they allege possession of "a huge variety of personal documents" beyond the exposed contact details. Researchers warn this could enable phishing attacks, with threat actors impersonating Allegis to extract further sensitive information or distribute malware.

Everest, a Russia-linked ransomware cartel active since 2021, has victimized over 100 organizations in the past year, employing a tactic of gradual data leaks to pressure victims into paying ransoms. The group previously targeted high-profile entities, including AT&T and a Middle Eastern division of an unnamed company, leaking employee data.

Allegis Group has not yet responded to requests for comment. The full extent of the breach remains unclear, but the incident underscores the persistent threat posed by ransomware groups to large-scale enterprises.

Source: https://cybernews.com/security/allegis-group-data-breach-claims/

MarketSource TPRM report: https://www.rankiteo.com/company/marketsource-inc

Allegis Group TPRM report: https://www.rankiteo.com/company/allegis-group

Aerotek TPRM report: https://www.rankiteo.com/company/aerotek

TEKsystems TPRM report: https://www.rankiteo.com/company/teksystems

"id": "alltekaermar1771086448",
"linkid": "allegis-group, teksystems, aerotek, marketsource-inc",
"type": "Ransomware",
"date": "9/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Potentially 561,000+ (135,000 + '
                                              '426,000 entries exposed)',
                        'industry': 'Staffing and recruitment',
                        'location': 'Global',
                        'name': 'Allegis Group',
                        'size': '$10 billion enterprise',
                        'type': 'Talent management firm'},
                       {'industry': 'Staffing and recruitment',
                        'name': 'Aerotek',
                        'type': 'Subsidiary'},
                       {'industry': 'Staffing and recruitment',
                        'name': 'TEKsystems',
                        'type': 'Subsidiary'},
                       {'industry': 'Staffing and recruitment',
                        'name': 'MarketSource',
                        'type': 'Subsidiary'}],
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': '561,000+ (135,000 + 426,000 '
                                              'entries)',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High (personally identifiable '
                                        'information)',
                 'type_of_data_compromised': ['Names',
                                              'Email addresses',
                                              'Phone numbers',
                                              'Personal documents']},
 'description': 'The global talent management firm Allegis Group, a $10 '
                'billion enterprise with subsidiaries including Aerotek, '
                'TEKsystems, and MarketSource, has been targeted by the '
                'Everest ransomware gang. The attackers claim to have stolen '
                'sensitive client data, posting screenshots of two '
                'datasets—one with 135,000 entries and another with 426,000 '
                'entries—containing names, email addresses, and phone numbers '
                'on their dark web blog. While the gang has only released '
                "limited previews, they allege possession of 'a huge variety "
                "of personal documents' beyond the exposed contact details. "
                'Researchers warn this could enable phishing attacks, with '
                'threat actors impersonating Allegis to extract further '
                'sensitive information or distribute malware.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'data breach and phishing risks',
            'data_compromised': 'Sensitive client data, including names, email '
                                'addresses, phone numbers, and potentially '
                                'other personal documents',
            'identity_theft_risk': 'High (due to exposure of personally '
                                   'identifiable information)'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain, data extortion',
 'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Everest'},
 'references': [{'source': 'Dark web blog (Everest ransomware gang)'}],
 'threat_actor': 'Everest ransomware gang',
 'title': 'Allegis Group Hit by Everest Ransomware Gang in Major Data Breach',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.