Home
>
Data Breach>PeopleGuru

PeopleGuru Data Breach Exposes Sensitive PII and PHI

Published
October 16, 2025
Updated
October 16, 2025
PeopleGuru Data Breach Exposes Sensitive PII and PHI
PeopleGuru
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

PeopleGuru

data breach?

Join the Lawsuit

It's free to join. 

PeopleGuru, a company that provides HR and payroll services to employers, experienced a data breach. The company detected the cybersecurity incident on July 9, 2025. An investigation determined that a cybercriminal gained access to internal systems between July 6, 2025 and July 9, 2025, and may have acquired files containing sensitive information.

The data breach compromised both personally identifiable information (PII) and protected health information (PHI) were potentially compromised. Exposed information included names, Social Security numbers, financial account information, dates of birth, passport numbers, driver’s license numbers, medical information and health insurance information.

This cyberattack is significant as the combination of compromised data puts individuals at risk for identity theft and medical or financial fraud. PeopleGuru began notifying affected individuals by mail on Oct. 16, 2025.

The total number of people involved in the data breach has not been released, but is believed to include several companies that utilize PeopleGuru for payroll services. The data breach was also disclosed to the California Attorney General's office on Oct. 16, 2025.

PeopleGuru's response

After discovering the breach, PeopleGuru took steps to secure its network and launched a detailed review to identify affected clients and their employees. In addition to required state and federal disclosures, the company is offering affected individuals 12 months of complimentary TransUnion credit monitoring and identity restoration services.

If you receive a data breach notice from PeopleGuru, or your employer, you may want to:

  • Sign up for the free credit monitoring and identity restoration services, offered to all impacted individuals.
  • Monitor your credit reports and financial accounts for any unusual activity.
  • Be alert for phishing emails or phone calls that may use your exposed information.
  • Consider placing a fraud alert or credit freeze with major credit bureaus.

PeopleGuru has also set up a dedicated assistance line for individuals with questions at 833-844-3117, available Monday through Friday from 8 a.m. to 8 p.m. Eastern Time.

More information about the HCM company can be found on the PeopleGuru website.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Sources

Disclosures

Breach Summary

Affected Entity
PeopleGuru
Consumers Notification date
Date of Breach
October 16, 2025
Breach Discovered Date
Total People Affected
Information Types Exposed

Data Breach Settlements

Fortive Corp. $3M Data Breach Class Action Settlement
University of Minnesota $5M Data Breach Settlement
Heritage Provider Network $49.99M Class Action Settlement
Kerber Eck & Braeckel LLP $1.4M Data Breach Settlement
Cascade Surgicenter Data Breach Class Action Settlement
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image

What to Read Next

Watsonville Hospital Data Breach Affects Entire Patient Database
October 16, 2025
Watsonville Hospital Data Breach Affects Entire Patient Database
The Phia Group Data Breach Affects PII & PHI
October 16, 2025
The Phia Group Data Breach Affects PII & PHI
WCIRB Data Breach Exposes Personal Names & More
October 16, 2025
WCIRB Data Breach Exposes Personal Names & More
Sotheby's Data Breach Exposes Personal Info
October 16, 2025
Sotheby's Data Breach Exposes Personal Info