The fallout from a recent data breach at Kelly Benefits is far worse than originally reported, now affecting over 400,000 individuals across the U.S.
Kelly & Associates Insurance Group—operating as Kelly Benefits—is a Maryland-based firm that offers payroll and benefits administration services to businesses throughout the region. In December 2024, the company fell victim to a cyberattack, and the full scope of that incident is only now coming to light.
At first, the breach seemed limited. But as investigators dug deeper, the numbers kept climbing. Initially, Kelly Benefits told the Maine Attorney General’s Office in early April that 32,000 people had been impacted. Just ten days later, that number jumped to 260,000. In the most recent update, the figure has ballooned to more than 413,000 individuals.
The compromised data includes a wide range of sensitive personal information. According to the company, the attackers had access to full names, Social Security numbers, birth dates, tax identification numbers, health insurance and medical records, and even financial account details—all over a five-day period.
Kelly Benefits began notifying impacted individuals earlier this year, and the breach has affected clients beyond the company’s own employees. Customers such as Amergis, CareFirst, Beam Benefits, The Guardian Life Insurance Company of America, and Beltway Companies were among those whose data was caught in the breach. Other affected organizations include Intercon Truck of Baltimore, Publishers Circulation Fulfilment, Quantum Real Estate Management, and Transforming Lives.
The company has confirmed that a file review process concluded in early March. But despite wrapping up their analysis, the number of impacted individuals continues to grow as more details emerge.
What’s still unclear is whether the attack involved ransomware. As of now, no major ransomware gang has claimed responsibility. This leaves open questions about the nature and motive of the breach.
As investigations continue, the incident stands as yet another reminder of how vulnerable even well-established payroll and benefits providers are to cyberattacks. With stolen data spanning everything from medical history to banking details, victims may face long-term consequences, including identity theft and financial fraud.
Kelly Benefits says it remains in contact with impacted parties and continues working with cybersecurity experts to improve its defenses. Still, the rising headcount of victims raises serious concerns about breach containment and future data protection.
