Home
>
Data Breach>BenefitElect

Benefitelect Data Breach Exposes Social Security Numbers

Published
October 16, 2025
Updated
October 16, 2025
Benefitelect Data Breach Exposes Social Security Numbers
BenefitElect
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

BenefitElect

data breach?

Join the Lawsuit

It's free to join. 

On April 2, 2025, Coalesce LLC dba Benefitelect, an Oregon-based benefits administration and HR software provider, discovered suspicious activity within its systems. The company quickly determined that an unauthorized actor exploited a vulnerability in CrushFTP software, allowing files to be accessed and exfiltrated between March 30 and March 31, 2025.

The ransomware group Kill Security later claimed responsibility for the breach, stating on a dark web forum that they had obtained Benefitelect’s database and intended to publish it within a week.

A thorough investigation, aided by third-party cybersecurity specialists, revealed that the compromised files contained sensitive benefits eligibility and onboarding census information including names, addresses, dates of birth, Social Security numbers and financial account information.

For Massachusetts residents, 147 individuals were affected, according to a disclosure filed with the Massachusetts Attorney General. A disclosure was also filed with the California Attorney General.

The combination of PII and financial data significantly increases the risk of identity theft and fraud for those affected. The company publicly acknowledged the incident and provided a detailed security incident notice on its website.

Benefitelect's response

To support those affected, Benefitelect is offering complimentary credit monitoring and identity theft protection services through IDX. Impacted individuals received instructions and an enrollment code to activate these services. Benefitelect is encouraging everyone affected to remain vigilant by monitoring account statements, reviewing credit reports and enrolling in the provided identity protection services.

Given the nature of the breach, a ransomware attack involving the exfiltration of files containing sensitive PII and financial information, affected individuals should consider placing a fraud alert or credit freeze with the major credit bureaus. Regularly reviewing credit reports and promptly reporting any suspicious activity are also recommended steps.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Sources

Disclosures

Breach Summary

Affected Entity
BenefitElect
Consumers Notification date
Date of Breach
April 2, 2025
Breach Discovered Date
between March 30, 2025, and March 31, 2025
Total People Affected
Information Types Exposed
  • Social Security number
  • address
  • financial account information
  • date of birth
  • name

Data Breach Settlements

Fortive Corp. $3M Data Breach Class Action Settlement
University of Minnesota $5M Data Breach Settlement
Heritage Provider Network $49.99M Class Action Settlement
Kerber Eck & Braeckel LLP $1.4M Data Breach Settlement
Cascade Surgicenter Data Breach Class Action Settlement
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image

What to Read Next

PeopleGuru Data Breach Exposes Sensitive PII and PHI
October 16, 2025
PeopleGuru Data Breach Exposes Sensitive PII and PHI
Watsonville Hospital Data Breach Affects Entire Patient Database
October 16, 2025
Watsonville Hospital Data Breach Affects Entire Patient Database
The Phia Group Data Breach Affects PII & PHI
October 16, 2025
The Phia Group Data Breach Affects PII & PHI
WCIRB Data Breach Exposes Personal Names & More
October 16, 2025
WCIRB Data Breach Exposes Personal Names & More