4.3 Million Users’ Data Stolen After Utah-Based HSA Administrator Suffers Breach

by
Krishi Chowdhary
from Techreport on (#6PZ3V)
claudio-schwarz-fyeOxvYvIyY-unsplash-1200x800.jpg
  • Utah-based fintech firm, Health Equity, was hit by a data breach as a result of which the data of more than 4.3 million customers was stolen.
  • The breach started on 9th March 2024, but the company didn't find out until March 25.
  • Victims have already been informed and will be provided with recovery assistance.

claudio-schwarz-fyeOxvYvIyY-unsplash-300x200.jpg

More than 4.3 million customers are now at risk of fraud after a group of hackers breached a Utah-based fintech firm. The firm is called Health Equity and is a popular Health Savings Account (HSA) administrator.

In a statement made to the Maine Attorney General's Office, it said its systems suffered a breach as a result of which malicious actors were able to access the personal information of 4.3 million customers.

A notice was also sent to the customers, informing them of the breach. Compromised data includes:

  • First and last names
  • Addresses
  • Phone numbers
  • Employee ID and employer's name
  • Social security number
  • Dependent information
  • Payment card information

Note: This is just a comprehensive list of all the types of data that have been stolen. Not every category was compromised for each user.

About the Breach

The breach took place on March 9th, 2024 but it was not until March 25 that the company realized that its systems had been compromised. Then, from March to June 10, it ran an internal investigation to get to the root of the issue.

The investigation revealed that a vendor's user accounts, that had access to an online data storage location, were compromised first. Because of this breach, the threat actors were able to access a limited amount of data stored in storage locations outside their core systems.

Right now, the company doesn't think that the stolen information has been used for any malicious purposes. But there's no guarantee that it won't be misused in the future.

So to make up for it, all victims are being offered a two-year complimentary credit identity, monitoring, insurance, and restoration services. The company has also advised its users to routinely check their financial statements to ensure there's no suspicious activity.

The post 4.3 Million Users' Data Stolen After Utah-Based HSA Administrator Suffers Breach appeared first on The Tech Report.

External Content
Source RSS or Atom Feed
Feed Location https://techreport.com/feed/
Feed Title Techreport
Feed Link https://techreport.com/
Reply 0 comments