Latest news with #KellyBenefits
Tom's Guide
02-07-2025
- Business
- Tom's Guide
Over half a million people impacted by major data breach — full names, SSNs, financial data and more exposed
When a company suffers a major data breach, it can be hard to truly assess the full extent of the damage caused. This is why it will often take months if not years to determine the number of people affected which is exactly what happened with Kelly Benefits. As reported by BleepingComputer, the benefits administration and payroll provider Kelly & Associates Insurance Group, also known as Kelly Benefits, has revealed that the impact of the security incident it experienced between December 12-17 of last year is much worse than originally thought. Back in April, the company originally said that 32,234 individuals were affected after hackers gained access to its IT systems and stole sensitive files. However, over the course of the past three months, Kelly Benefits has revised this figure multiple times. Now though, it has revealed that 553,660 individuals are at risk as a result of this breach. Here's everything you need to know about this major data breach including some tips and tricks to help you to stay safe from hackers if your personal information was compromised. Even if you've never heard of Kelly Benefits before, chances are that a company you do business with relies on its services which include benefits consulting, enrollment technology, payroll administration, carrier management and more. In fact, in a public data breach notice recently published on its site, the firm explained that a total of 46 companies are impacted as a result of the breach. Here are some of the most popular and well-known ones but you can check the page linked above for the full list: In addition to that notice, Kelly Benefits also sent out personalized ones (example here) to impacted individuals explaining the specific data types that were compromised. This is because the exposed personal, financial and health info varies per person. Get instant access to breaking news, the hottest reviews, great deals and helpful tips. Surprisingly though, as BleepingComputer points out, in its public data breach notice, Kelly Benefits says that the compromised data may include the full names, Social Security numbers, tax ID numbers, dates of birth, medical and health insurance info and financial account info of those caught up in this breach. With all of that information in hand, the hackers responsible for this data breach could launch targeting phishing attacks, all sorts of different scams or worse, they could try to commit identity theft. Due to U.S. laws, when a company is hit by a data breach, they have to inform you regarding what type of data was stolen. However, just like when dealing with the IRS, data breach notification letters typically arrive via traditional mail as opposed to in an email, text message or phone call. If a company you're a customer of does business with Kelly Benefits, then you're going to want to keep a close eye on your mailbox over the next few days/weeks. The reason being is that your personalized data breach notification letter will let you know exactly what types of your personal, financial or medical data were compromised. At the same time, Kelly Benefits is offering free access to one of the best identity theft protection services from IDX for affected individuals for a full year. The letter will likely contain an enrollment code that you can use to redeem this offer if you want to take the company up on it. And you should, since identity theft protection services can help you regain your identity after an incident like this one but they can also help you recover any funds lost to fraud as a result of this data breach. From there, you're going to want to monitor all of your financial accounts for signs of fraud or abuse. Another step that may be worth taking is to freeze your credit with the three major credit bureaus: Equifax, Experian and TransUnion. This way, cybercriminals with access to this stolen data won't be able to take out loans in your name. Even if you try your hardest to avoid falling victim to a data breach, as you see here, you can easily get wrapped up in one as a result of a company you do business with relying on another firm's services. This is why you need to take action immediately when you learn that your personal or financial information was exposed as the result of a data breach. Now that cyberattacks and data breaches becoming a much more common occurrence though, you should always carefully monitor your personal and financial accounts for anything amiss since early detection can save you a whole lot of hassle later on.
Tom's Guide
05-05-2025
- Business
- Tom's Guide
Over 400,000 hit in massive employee benefits data breach — Social Security numbers and more exposed
A firm that focuses on employee benefits enrollment, Kelly & Associates Insurance Group, Inc. (Kelly Benefits) sent a notice to clients to alert them that thousands of them had their data exposed in a cyberattack. As reported by CyberNews, the company has confirmed, both in the client notice as well as in a filing with the Maine Attorney General's office, that they noticed suspicious activity on March 3, 2025 and then confirmed though an internal investigation that a cyberattack had occurred and that threat actors had gained access to their network between December 12 and 17th 2024. Kelly Benefits stated that the hack included copying and taking of certain files, and that breached information included clients names, Social Security numbers and financial account information. According to the filing, 413,032 people have had their information breached and/or stolen, which leaves them at risk for identity theft, fraud and phishing attacks. Kelly Benefits has offered these individuals free credit monitoring and access to the best identity theft protection for 12 months, and advises clients to stay aware of their accounts to watch for unsolicited activities. If you've also been affected by a data breach like this – and let's be honest, these days many of us have – you want to take the company in question up on their offer for free services. Likewise, make sure that you are closely monitoring your accounts for any unusual or suspicious activities. You may also want to consider a credit freeze. Educate yourself on the signs of phishing attacks and make sure you never click on any unexpected links, attachments, files or QR codes from people you don't know. Be wary of people on social media who may reach out to you with offers or those who want you to download or click on files or attachments. If you don't already have any of the online protections offered by the best antivirus software, look into getting a VPN or hardened browser, as well as a password manager for added levels of security. Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
