Kelly Benefits Data Breach: Over 400,000 Individuals Affected
Discover the latest on the Kelly Benefits data breach, impacting over 400,000 individuals. Learn about the incident, its implications, and the ongoing investigation.
TL;DR
Kelly Benefits recently disclosed a significant data breach impacting over 400,000 individuals. The breach, which occurred in December 2024, exposed sensitive personal information including names, Social Security numbers, and financial data. The investigation is ongoing, and the company is notifying affected individuals.
Main Content
Kelly Benefits, a prominent U.S.-based firm specializing in benefits and payroll solutions, has revealed that a recent data breach is far more extensive than initially estimated. The breach, which occurred between December 12 and 17, 2024, has impacted over 400,000 individuals, exposing sensitive personal data.
Initial Disclosure and Impact
In April, Kelly Benefits disclosed a data breach where hackers accessed its systems, stealing sensitive personal information. Initially, the company believed that the incident affected nearly 264,000 people, including clients of firms like CareFirst, Guardian, and Beam Benefits. The exposed information includes:
- Names
- Social Security numbers
- Medical data
- Financial data
Expanded Scope of the Breach
The number of affected individuals has now grown to 413,032, and the investigation is still ongoing. Kelly Benefits is notifying impacted individuals on behalf of multiple customers, including CareFirst, Guardian, Beam Benefits, and others.
According to an update provided by the company and shared with the Maine Attorney General:
On May 2, 2025, Kelly Benefits mailed notice to an additional one hundred thirty-five (135) Maine residents on behalf of itself and the entities listed in Exhibit A. The information that could have been subject to unauthorized access for the additional Maine residents includes name, Social Security number, and financial account information. As such, a total of seven thousand one hundred sixty-four (7,164) Maine residents have now been notified of this event.
Ongoing Investigation
The company has not shared specific details about the attack, and no ransomware group has claimed responsibility for the intrusion. The investigation is ongoing to determine the full extent of the breach and to implement measures to prevent future incidents.
Conclusion
The Kelly Benefits data breach highlights the critical importance of cybersecurity in protecting sensitive personal information. As the investigation continues, it is essential for affected individuals to remain vigilant and take steps to protect their personal data.
Additional Resources
For further insights, check: