Kelly & Associates Insurance coverage Group (dba Kelly Advantages) is informing greater than half one million folks of an information breach that compromised their private data.
The Maryland-based well being and life insurance coverage company has issued an replace on a safety incident it suffered final yr between December 12-17, when unauthorized actors breached its IT methods and stole recordsdata.
On April 9, 2025, the corporate said that the incident impacted 32,234 people. The determine was revised a number of occasions till the ultimate tally shared with authorities within the U.S. counted 553,660 people.
Kelly Advantages is a supplier of advantages consulting, enrollment know-how, payroll administration, HRIS, compliance help, and service administration.
As a number of organizations throughout the nation contract the agency’s companies, figuring out the scope of the information breach and the precise variety of impacted folks was a sophisticated job.
The group’s newest replace lists a complete of 46 entities impacted by the information breach, together with healthcare giants like:
- United Healthcare
- Aetna Life Insurance coverage Firm (CVS Well being)
- CareFirst BlueCross BlueShield
- Humana Insurance coverage ACE
- The Guardian Life Insurance coverage Firm of America
- Mutual of Omaha Insurance coverage Firm
- OneAmerica Monetary Companions, Inc.
The information breach discover despatched to impacted people yesterday informs recipients of the particular information sorts impacted by the breach, which range per particular person.
Nonetheless, the basic discover printed on the location says that the compromised information might include full names, Social Safety quantity, tax ID quantity, date of start, medical data, medical health insurance data, and monetary account data.
Publicity of this data places folks in danger, as they’ll grow to be victims of phishing assaults, social engineering, and scams. Impacted people are suggested to train elevated vigilance in opposition to unsolicited communications.
To mitigate the danger, Kelly Advantages affords all letter recipients 12-month freed from cost credit score monitoring and id theft safety companies by way of IDX id theft safety.
Doubtlessly impacted people are additionally suggested to think about putting a safety freeze on their credit score report and intently monitor their accounts for suspicious exercise.
Whereas cloud assaults could also be rising extra subtle, attackers nonetheless succeed with surprisingly easy strategies.
Drawing from Wiz’s detections throughout hundreds of organizations, this report reveals 8 key strategies utilized by cloud-fluent menace actors.
