Kelly Benefits Data Breach: 550,000 Individuals Impacted as Investigation Continues

A recent data breach at Kelly Benefits has left 550,000 individuals affected, with the number of impacted individuals growing as investigators continue to dig deeper into the incident. The US-based company, which provides benefits, payroll, and workforce management solutions to businesses, revealed in April that hackers had accessed its systems from December 12-17, 2024, stealing sensitive personal data.

Initially, Kelly Benefits believed that the breach impacted nearly 264,000 people, including clients of firms such as CareFirst, Guardian, and Beam Benefits. However, as investigators continued to analyze the situation, it became clear that more people were affected than initially thought. The exposed information includes names, Social Security numbers, medical, and financial data.

In May, Kelly Benefits began notifying impacted individuals on behalf of multiple customers, including CareFirst, Guardian, Beam Benefits, and others who were affected by the breach. However, as the investigation progressed, it was revealed that even more individuals had been impacted. By the end of May, the number of affected individuals had reached 488,000.

More recently, Kelly Benefits confirmed that the data breach has affected over 553,660 individuals, with an additional 7,164 residents in Maine having been notified on behalf of the company and its clients.

The Investigation Continues

No details about the attack have been shared by Kelly Benefits, nor has any ransomware group claimed responsibility for the intrusion. However, investigators are working to determine how the breach occurred and what measures can be taken to prevent similar incidents in the future.

Protecting Yourself

In light of the data breach, Kelly Benefits is offering impacted individuals free credit monitoring and identity protection services through IDX. The company advises individuals to remain vigilant by regularly monitoring their account statements and credit reports for any suspicious activity. Additional protective steps are outlined in the provided materials.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon for the latest updates on this developing story.