Skip to main content
A man sees his private data publicly available online, prompting him to consider filing an AI lawsuit

Kelly Benefits Data Breach Investigation Update

Written by Joseph Lyon on . Posted in Data Breach.

The data breach lawyers at The Lyon Firm are investigating the ongoing investigation into a “hacking/IT incident” reported at Kelly Benefits (Kelly & Associates Insurance Group). The most recent notices sent to state Attorneys General suggest as many as 264,000 individuals may have had their personal data compromised.

Contact our data theft attorneys to discuss how to protect yourself following any data security incident and to consider filing a class action complaint. We have filed dozens of data breach lawsuits on behalf of plaintiffs nationwide and have settled several cases to compensate victims for related damages. Call for a free consultation and case review.

What Happened at Kelly Benefits?

Kelly Benefits, the Maryland-based company that provides benefits administration and technology, broker and consulting services, and payroll solutions, announced in a notice posted on its website that they detected suspicious activity on their network. A subsequent investigation indicated that hackers accessed its systems between December 12 and December 17, 2024. Certain files may have been exfiltrated during that period, including ones containing personal data such as name, date of birth, SSN, tax ID number, medical information, health insurance information, and financial account information.

Impacted individuals and related businesses are being notified. Kelly has sent out data breach notification letters on behalf of Amergis, Beam Benefits, Beltway Companies, CareFirst, The Guardian Life Insurance Company of America, Intercon Truck of Baltimore, Publishers Circulation Fulfilment, Quantum Real Estate Management, and Transforming Lives.

The company reported to the Maine Attorney General that the data breach impacted nearly 264,000 people. Nothing has been confirmed as far as what caused the breach, but it’s possible that Kelly Benefits was targeted in a ransomware attack. We do know the incident occurred months ago, and the company may have paid a ransom to avoid a data leak and did not alert the public of any developments.