
Industry News: ESG5

    Know Your Breach: Kelly Benefits

    The Target: Kelly Benefits is a provider of benefits consulting, enrollment technology, payroll administration, HRIS, compliance support, and carrier management.

    The Take: The data breach notice sent to impacted individuals informs recipients of the specific data types impacted by the breach, which vary per person. However, the general notice published on the site says that the compromised info may contain full names, Social Security numbers, tax ID numbers, dates of birth, medical information, health insurance information, and financial account information.

    The Vector: The Maryland-based health and life insurance agency has issued an update on a security incident it suffered last year between December 12-17, when unauthorized actors breached its IT systems and stole files. On April 9, 2025, the company stated that the incident impacted 32,234 individuals. The figure was revised multiple times until the final tally shared with authorities in the U.S. counted 553,660 individuals.

    This breach is a stark reminder of how important strong authentication controls are to an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.

    Read more...

    FBI Cyber Guidance To Lawmakers Falls Short, US Senator Says

    2025-07-02

    Cybersecurity Dive: As commercial spyware proliferates and hackers linked to U.S. adversaries step up their attempts to breach high-profile American targets, one U.S. senator says the FBI isn’t doing enough to help lawmakers protect themselves.

    Read more...

    India’s Max Financial Says Hacker Accessed Customer Data From Its Insurance Unit

    2025-07-02

    TechCrunch: Max Financial Services said its insurance subsidiary Axis Max Life Insurance received communication from an anonymous sender about unauthorized access to its customer data.

    Read more...

    Most Enterprises Can’t Secure AI, Accenture Says

    2025-07-01

    CIO Dive: CIOs are under pressure to move AI projects along faster and demonstrate the corresponding value, but a need for speed doesn’t always translate to sustainable momentum. 

    Read more...

    DOJ Charges 4 North Koreans in $1 Million Crypto Theft From Blockchain Startup

    2025-07-01

    Cointelegraph: Four North Korean nationals were charged in the state of Georgia with wire fraud and money laundering after posing as remote IT workers at US and Serbian blockchain companies and stealing almost $1 million in crypto, prosecutors said.

    Read more...

    Ransomware Reshaped How Cyber Insurers Perform Security Assessments

    2025-07-01

    Dark Reading: The ransomware scourge has forced cyber insurers to re-examine how they use security assessments. While the threat has been around for years, it's only fairly recently that cybercriminals realized how profitable ransomware attacks could be. 

    Read more...

    Global Cybersecurity Market to Worth Over US$ 723.8 Billion By 2033

    2025-06-30

    GlobeNewswire: The global cybersecurity market was valued at US$ 233.4 billion in 2024 and is expected to reach US$ 723.8 billion by 2033, growing at a CAGR of 13.40% during the forecast period.

    Read more...

    Danish Pensions Industry Outlines Proposals to Strengthen Cyber Security

    2025-06-30

    European Pensions: The Danish insurance and pension industries have outlined eight concrete proposals to strengthen cybersecurity, given the country's particular vulnerabilities in this area, according to Insurance and Pension Denmark (I&P Denmark).

    Read more...

    Know Your Breach: McLaren Health Care

    The Target: McLaren is a nonprofit health system in the U.S. with $6.6 billion in annual revenue, operating a network that spans 14 Michigan hospitals (2,624 beds).

    The Take: The McLaren data breach notification sample submitted to U.S. authorities confirms that full names were exposed, redacting other data types that were exposed. Therefore, the full extent of the data breach remains unclear.

    The Vector: In the notice sent to impacted individuals, McLaren Health Care admits that the incident concerned a ransomware attack, though the INC ransomware gang, believed to be responsible for the attack, is still not mentioned.

    This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.

    Read more...

    More Than Half of Cybersecurity Professionals Told to Conceal Breaches, Survey Claims

    2025-06-25

    Tech Monitor: More than half of cybersecurity professionals globally, at 57.6%, have been pressured to keep security breaches undisclosed, according to a survey by Bitdefender.

    Read more...

    About Castle Hall Diligence

Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios.
