PeopleGuru Data Breach Exposes Social Security Numbers & Medical Information

HR and payroll services company, PeopleGuru, experienced a major data breach between July 6, 2025 and July 9, 2025. The company detected the cybersecurity incident on July 9, 2025.

An investigation determined that a cybercriminal gained access to internal systems and may have acquired files containing sensitive information. The cyberattack affected at least 80,146 individuals.

The data breach compromised both personally identifiable information (PII) and protected health information (PHI) including names, Social Security numbers, financial account information, dates of birth, passport numbers, driver’s license numbers, medical information and health insurance information.

This cyberattack is significant as the combination of compromised data puts individuals at risk for identity theft and medical or financial fraud. PeopleGuru began notifying affected individuals by mail on Oct. 16, 2025.

The data breach was also disclosed to multiple state authorities beginning on Oct. 16, 2025, including the California, Maine, Texas, Iowa, Washington, Oregon, Montana and Vermont Attorney Generals' offices. Impacted individuals includes 2,001 Texas residents, 1,861 in Washington, 1,053 Iowa residents, 19 in Montana and 974 in Maine.

The total number of people involved in the data breach has not been released, but is believed to include several companies that utilize PeopleGuru for payroll services.

PeopleGuru's response

After discovering the breach, PeopleGuru took steps to secure its network and launched a detailed review to identify affected clients and their employees. In addition to required state and federal disclosures, the company is offering affected individuals 12 months of complimentary TransUnion credit monitoring and identity restoration services.

If you receive a data breach notice from PeopleGuru, or your employer, you may want to:

• Sign up for the free credit monitoring and identity restoration services, offered to all impacted individuals.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

PeopleGuru has also set up a dedicated assistance line for individuals with questions at 833-844-3117, available Monday through Friday from 8 a.m. to 8 p.m. Eastern Time.