Decisely Insurance Reports Data Breach Affecting Over 110,000 Nationwide

Georgia-based Decisely Insurance Services announced that a data security incident it experienced last year had compromised the sensitive personal and financial information of more than 110,000 affected individuals across the country.

 

Headquartered in Roswell, Georgia, Decisely Insurance Services is a benefits brokerage and HR services firm that offers its services to small businesses, sole proprietors and contractors.

 

In a data security incident notice filed with the Office of Maine Attorney General, Decisely said that on December 17, it identified suspicious activity within its cloud storage platform. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

It also took steps to secure the affected platform and notified relevant law enforcement authorities about the same.

 

“The investigation determined that some data may have been acquired on December 16, 2024. We then completed a comprehensive analysis of the data potentially involved to identify what information was impacted and to whom it belonged. We notified MetLife and worked with them so they could validate and confirm this data,” Decisely said.

 

The compromised data included names, dates of birth, addresses, phone numbers, Social Security numbers, email addresses, passport numbers, bank account numbers and digital signatures.

 

Decisely reported in a filing with the U.S. Department of Health and Human Services Office for Civil Rights that at least 65,405 individuals were affected by the incident. However, in a more recent filing with Maine’s state regulator, the HR service firm stated that the number of impacted individuals has risen to at least 113,984.

 

Decisely has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and the state attorney general.

 

It has also offered complimentary identity protection and credit monitoring services through Kroll to all affected individuals.

 

At the time of publishing, no known hacker group claimed responsibility for the cyber attack on Decisely. The HR services firm also did not share details on who was behind the attack, how much data was compromised, or whether it has received a ransom demand.