Ransomware victim disclosure
← All victimsBeniPlus
Claimed by Killsec · listed 1 year ago
Status timeline
- ListedFeb 19, 2025
- Data leakeddate unknown
At a glance
- Group
- Killsec
- Status
- Data leaked
- Country
- Canada
- Sector
- Financial Services
- Listed on leak site
- Feb 19, 2025
About the victim
AI dossier — public-source company profileBeniPlus is a Canadian employee benefits platform serving small businesses and advisors. They offer flexible spending accounts (health, wellness, RRSPs), group insurance integration, and white-label partnership opportunities for benefits advisors and resellers.
- Industry
- Employee Benefits & Payroll Services
Attack summary
Severity: medium — Data has been published (disclosed_status: data_published) and the platform handles sensitive employee benefit and financial information at scale, but without visible proof files or a detailed leak post, the scope and sensitivity cannot be fully confirmed.The killsec group claims to have breached BeniPlus; however, no leak post details are provided, and no proof files or data samples are visible in the available record.
Data the group says was taken
AI dossier — extracted from the leak post- employee personal information
- benefits account data
- financial/spending records
What the group claims
N/A
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

