Kelly & Associates Insurance coverage Group (dba Kelly Advantages) is informing greater than half one million folks of a data breach that compromised their private info.
The Maryland-based well being and life insurance coverage company has issued an replace on a security incident it suffered final 12 months between December 12-17, when unauthorized actors breached its IT methods and stole information.
On April 9, 2025, the corporate said that the incident impacted 32,234 people. The determine was revised a number of instances till the ultimate tally shared with authorities within the U.S. counted 553,660 people.
Kelly Advantages is a supplier of advantages consulting, enrollment know-how, payroll administration, HRIS, compliance assist, and service administration.
As a number of organizations throughout the nation contract the agency’s companies, figuring out the scope of the data breach and the precise variety of impacted folks was a sophisticated process.
The group’s newest replace lists a complete of 46 entities impacted by the data breach, together with healthcare giants like:
- United Healthcare
- Aetna Life Insurance coverage Firm (CVS Well being)
- CareFirst BlueCross BlueShield
- Humana Insurance coverage ACE
- The Guardian Life Insurance coverage Firm of America
- Mutual of Omaha Insurance coverage Firm
- OneAmerica Monetary Companions, Inc.
The data breach discover despatched to impacted people yesterday informs recipients of the particular knowledge sorts impacted by the breach, which differ per individual.
Nevertheless, the final discover revealed on the positioning says that the compromised information might include full names, Social Safety quantity, tax ID quantity, date of beginning, medical info, medical insurance info, and monetary account info.
Publicity of this info places folks in danger, as they will change into victims of phishing assaults, social engineering, and scams. Impacted people are suggested to train elevated vigilance in opposition to unsolicited communications.
To mitigate the chance, Kelly Advantages gives all letter recipients 12-month freed from cost credit score monitoring and identification theft safety companies via IDX identification theft safety.
Doubtlessly impacted people are additionally suggested to think about inserting a security freeze on their credit score report and intently monitor their accounts for suspicious exercise.
Whereas cloud assaults could also be rising extra subtle, attackers nonetheless succeed with surprisingly easy strategies.
Drawing from Wiz’s detections throughout hundreds of organizations, this report reveals 8 key strategies utilized by cloud-fluent menace actors.
