A threat actor has claimed responsibility for an alleged breach involving MoniCare, a Chicago-based domestic staffing agency, with more than 40,000 applicant records reportedly exposed online.
In a forum post published on May 31, 2026, the actor claimed to possess a database containing personal information associated with individuals who applied for positions through the agency.
MoniCare specializes in placing nannies, babysitters, housekeepers, caregivers, household managers, personal assistants, and other domestic staff for families seeking long term or temporary household support.
Applicant information and identity documents allegedly exposed
According to the listing, the alleged dataset contains approximately 40,000 records including applicant names, email addresses, phone numbers, physical addresses, ages, and references to attached documents.
The threat actor further claimed to possess a separate collection of PDF files allegedly linked to applicants.
Those documents purportedly include driver’s licenses, identification cards, passports, resumes, reference letters, vaccination records, and other employment-related materials.
A screenshot accompanying the listing appears to show a sample of applicant information. BreachNews is not reproducing any personal information contained within the alleged dataset.
Sensitive employment records raise privacy concerns
If authentic, the alleged exposure could present significant privacy and identity theft risks due to the nature of the information involved.
Unlike many database sale claims that primarily contain contact information, the MoniCare listing references identity documents and employment records that could potentially be used for fraud, impersonation, or social engineering attacks.
The post advertises access to both the database and associated document collection through a downloadable archive.
At this stage, it remains unclear whether the data originated from a recent compromise, an older incident, a third party source, or previously exposed records.
The claim was posted by the same threat actor BreachNews recently covered in an alleged HungerRush database sale listing. As with that claim, the MoniCare listing has not been independently verified.
Verification remains outstanding
The claim has not been independently verified, and there is currently no public evidence confirming that MoniCare experienced a cybersecurity incident.
MoniCare had not issued any public statement regarding the alleged breach at time of publication.
BreachNews will continue monitoring for company responses, regulatory disclosures, or additional evidence that may help verify the claim.
