-
A threat actor named “ResPublica” claims to have breached debt collection giant Radius Global Solutions in January 2026, stealing contact center client lists and extensive employee HR records.
-
The alleged breach exposed deeply personal staff data, including government IDs, payroll info, spouse details, and even clock-in histories far beyond typical customer data leaks.
-
Radius has not publicly confirmed the incident as of February 2026, despite the actor claiming the company was notified in January; it follows the firm’s 2023 MOVEit breach that affected thousands of consumers.
A hacker using the handle ‘ResPublica’ make a post on popular dark web forum, DarkForums, claiming they breached major US debt collector Radius Global Solutions.
According to the post, they got into Radius Global Solutions back in January. Radius Global is a professional debt collection agency that US hospitals and banks hire to chase down customers owing them money. The alleged breach looks scary because it involves lots of employee HR datasets, medical records, and even client information.
Overview of the Alleged Breach
In their dark web post, ResPublica says they compromised one of Radius’s contact center branches. They didn’t just grab a client roster, though they did post lists of active and former clients. The real shocker is the employee data.
We’re talking core identity records. Legal names are there, and so are birth dates, gender, and marital status. They’ve even got spouse and dependent details in the list, as well. Government ID numbers? Check. Passport scans & visa docs? Also present in the list. Emergency contacts. Then there are people’s home addresses going back years.
Then it gets deeper. The threat actor claims they have internal employee IDs, including job titles, reporting lines, and even shift schedules. They mentioned termination records with notes on why people left and whether they can be rehired, too.
The detail of if is quite scary they claim the list of information contains employee leave requests, approval trails, clock-in and clock-out logs down to the minute. Even Mason codes—internal stuff that should never see daylight.
But here’s the part that stings: stored personnel documents. Employment applications, resumes, diplomas, background checks, vaccination records. Banking details for payroll. It’s not just a breach; it’s a complete employee identity kit.
The kind of high-value corporate trove that hackers increasingly advertise on dark web forums, much like the alleged Target source code that employees later verified as authentic.
A Recurring Nightmare?
This isn’t Radius’s first time experiencing a data breach incident. In August 2023, the firm submitted a filing with federal authorities following an attack on its MOVEit file transfer program. This attack accessed patients’ personal details, including their Social Security numbers, their treatment codes, as well as the amount owed to Radius for services rendered.
Radius’ Response and What’s Next
Back when the first breach happened, Radius confirmed the access and sent letters to victims. This time? Silence.
ResPublica claims the company was notified in January, but, as of this week, hasn’t gone public. The post is even like they’re taunting Radius’s silence. If it’s just a bluff, then the whole steam eventually blows over.
But if they’re holding what they claim? The consequences might be dire. Consumer data breaches are bad. Employee data breaches, with banking details, IDs, and medical attestations? Those are on a whole different level of bad.
For the workers at Radius? This isn’t abstract. Their home addresses, family member names, and passport scans could now be bargained for in private Telegram groups or invite-only forums. This data is fresh, which makes it valuable. And unlike credit cards, you can’t just cancel your birth certificate or your spouse’s emergency contact info.
For Radius, the timing stings: the company survived the first fallout, sent out letters, and likely paid for credit monitoring. Now it has to explain why, if the claim is true, another breach happened, and why the staff wasn’t told for weeks.
We don’t yet know if ResPublica is bluffing or sitting on the real thing. But the dark web doesn’t usually wait. If the data is legit, samples will surface, buyers will bite, and a lot of people in the debt collection industry might soon recognize their own personnel files circulating in places they can’t scrub, just as corporate records and proprietary databases from other recent breaches, like the alleged Suno AI database listed on a dark web forum, have found their way into the hands of cybercriminals looking to exploit sensitive corporate intelligence.
