Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals

Kelly Benefits confirms 2024 breach exposed personal data of 553,660 individuals, affecting 46 organizations. Stolen info includes SSNs, medical records, and financial data.

    Maryland-based insurance and HR services provider Kelly Benefits has confirmed a 2024 data breach affecting more than half a million individuals across 46 affiliated organizations.

    Scope of the Breach Expanded from 32,000 to Over Half a Million

    Kelly & Associates Insurance Group, commonly known as Kelly Benefits, has disclosed that a cybersecurity incident that occurred between December 12 and 17, 2024, ultimately impacted 553,660 individuals. The company initially reported a lower figure of 32,234 in April 2025, but revised it several times as the full extent of the breach came into focus.

    The breach involved unauthorized access to the company’s IT environment, during which threat actors stole sensitive files containing personal data.

    Determining the scope of the incident proved complex. Kelly Benefits offers HR and insurance-related services—including benefits consulting, payroll administration, and compliance support—to a large number of third-party organizations nationwide. As a result, the breach affected 46 separate entities, with customers of major health insurers caught in the fallout.

    Organizations affected include:

    • United Healthcare
    • Aetna Life Insurance Company (CVS Health)
    • CareFirst BlueCross BlueShield
    • Humana Insurance ACE
    • The Guardian Life Insurance Company of America
    • Mutual of Omaha Insurance Company
    • OneAmerica Financial Partners, Inc.

    Compromised Data Includes SSNs, Medical Details, and Financial Information

    The data stolen in the breach varies by individual, but the general categories include:

    • Full names
    • Social Security numbers
    • Tax ID numbers
    • Dates of birth
    • Medical information
    • Health insurance information
    • Financial account information

    This combination of personal and financial data puts individuals at significant risk of identity theft, phishing, and social engineering attacks.

    Impacted individuals began receiving breach notification letters this week, informing them of the specific data involved in their case.

    Response Measures and Identity Protection Services

    In response to the breach, Kelly Benefits is offering 12 months of free credit monitoring and identity theft protection services through IDX, a well-known identity protection provider.

    Recipients of the letter are also encouraged to:

    • Remain cautious of suspicious emails or calls
    • Monitor bank and insurance accounts for irregular activity
    • Consider placing a security freeze on their credit reports to prevent unauthorized access

    Rising Trend of Supply Chain Breaches Calls for Stronger Recovery Plans

    This incident highlights a growing trend in which third-party vendors and service providers become key targets for cyberattacks—putting hundreds of thousands of downstream clients and employees at risk. As attacks become more sophisticated and widely distributed, having a robust, tamper-proof backup and recovery solution becomes essential for business continuity.

    Looking for a trusted recovery solution?
    Defend your organization with StoneFly DR365—an air-gapped, immutable backup and recovery appliance trusted by enterprises to ensure zero data loss even in the event of complex cyberattacks.
