Urgent Data Breach Alert: What Users Need to Know About the PeopleGuru Security Incident
A significant cybersecurity incident has affected PeopleGuru Holdings, Inc., a provider of Human Capital Management (HCM) and payroll software, potentially exposing the sensitive personal and health information of clients’ current and former employees. If you are an individual associated with the platform—whether through payroll, HR, or benefits—it is crucial to understand the details of this breach and immediately take steps to secure your personal data and your PeopleGuru login credentials.
The PeopleGuru Data Breach Timeline
PeopleGuru discovered the unauthorized activity on its network systems on or about July 9, 2025. Following an immediate investigation, the company determined that an unauthorized third party had gained access to its environment for a short but critical window, specifically between July 6 and July 9, 2025. During this time, the threat actor may have viewed or acquired files containing highly sensitive information.
On October 16, 2025, PeopleGuru began the process of notifying affected individuals by mail, an action also disclosed to state attorneys general, including the California Attorney General’s office. This formal notification confirms that thousands of individuals are potentially impacted, including at least 756 residents in Maine alone.
The Compromised Data: Beyond Your PeopleGuru Login
The true severity of this breach lies in the nature of the data exposed. As an HR and payroll software provider, PeopleGuru held a vast amount of Protected Health Information (PHI) and Personally Identifiable Information (PII) that was potentially compromised. The sensitive data elements involved include, but are not limited to:
-
Names and Dates of Birth
-
Social Security Numbers (SSNs)
-
Driver’s License Numbers and Passport Numbers
-
Financial Account Information
-
Medical Information and Health Insurance Information
The combination of an individual’s identity details, SSN, and financial or medical records makes this type of event a high-risk scenario for severe identity theft and financial fraud. For anyone who uses a PeopleGuru login to access their work portal, the data housed behind that portal is now potentially in the hands of cybercriminals.
What Action Should PeopleGuru Users Take Now?
If you received a data breach notification letter from PeopleGuru, you must act quickly to protect yourself.
-
Change Your Credentials: While the compromise was system-wide, you should immediately change the password associated with your PeopleGuru login and any other accounts that may share the same or a similar password. Use a strong, unique password and enable multi-factor authentication if available.
-
Enroll in Credit Monitoring: PeopleGuru is offering 12 months of complimentary credit monitoring and identity restoration services through TransUnion. Enroll in this service immediately, as it provides an essential layer of defense against identity theft.
-
Monitor Financial Accounts and Credit Reports: Remain vigilant. Review your bank statements, credit card reports, and Explanation of Benefits (EOB) statements for any unusual or unauthorized activity. Consider placing a fraud alert or a credit freeze with the major credit bureaus.
Multiple law firms, including Edelson Lechtzin LLP, Schubert Jonckheer & Kolbe LLP, and Murphy Law Firm, have announced investigations into the incident, potentially leading to class-action lawsuits seeking compensation for victims. The core issue is whether PeopleGuru maintained adequate security safeguards to protect the highly sensitive data of its clients’ employees.
If your information was impacted, the risk of harm is significant. Do not delay in taking preventative measures beyond just updating your PeopleGuru login; your Social Security number and medical history are now potentially exposed, requiring sustained vigilance.