Over 400,000 hit in massive employee benefits data breach — Social Security numbers and more exposed

A firm that focuses on employee benefits enrollment, Kelly & Associates Insurance Group, Inc. (Kelly Benefits) sent a notice to clients to alert them that thousands of them had their data exposed in a cyberattack.
As reported by CyberNews, the company has confirmed, both in the client notice as well as in a filing with the Maine Attorney General’s office, that they noticed suspicious activity on March 3, 2025 and then confirmed though an internal investigation that a cyberattack had occurred and that threat actors had gained access to their network between December 12 and 17th 2024.
Kelly Benefits stated that the hack included copying and taking of certain files, and that breached information included clients names, Social Security numbers and financial account information. According to the filing, 413,032 people have had their information breached and/or stolen, which leaves them at risk for identity theft, fraud and phishing attacks.
Kelly Benefits has offered these individuals free credit monitoring and access to the best identity theft protection for 12 months, and advises clients to stay aware of their accounts to watch for unsolicited activities.
How to stay safe after a data breach
If you’ve also been affected by a data breach like this – and let’s be honest, these days many of us have – you want to take the company in question up on their offer for free services. Likewise, make sure that you are closely monitoring your accounts for any unusual or suspicious activities. You may also want to consider a credit freeze.
Educate yourself on the signs of phishing attacks and make sure you never click on any unexpected links, attachments, files or QR codes from people you don’t know. Be wary of people on social media who may reach out to you with offers or those who want you to download or click on files or attachments.
If you don’t already have any of the online protections offered by the best antivirus software, look into getting a VPN or hardened browser, as well as a password manager for added levels of security.
More from Tom’s Guide
Source link