BIGFISH TECHNOLOGY LIMITED
04 July 2024

HealthEquity's data breach exposes protected health information

HealthEquity, a healthcare fintech firm, has issued a data breach warning after a partner's account was hijacked and exploited to gain access to the company's systems in order to obtain protected health information.

The company claims it discovered the intrusion after noticing 'anomalous behavior' on a partner's personal device and initiated an investigation into the matter.

The inquiry found that the partner had been compromised by attackers, who used the hijacked account to gain unauthorized access to HealthEquity's networks and then exfiltrated critical health data.

"The investigation concluded that the Partner's user account had been compromised by an unauthorized third party, who used that account to access information," according to the securities regulator's filing.

"The accessed information included some personally identifiable information, which in some cases is considered protected health information, pertaining to certain of our members."

"The investigation further concluded that some information was subsequently transferred off the Partner's systems."

HealthEquity specializes in health savings account (HSA) services as well as other consumer-directed benefit solutions such as flexible spending accounts (FSAs), health reimbursement arrangements (HRAs), and 401(k) retirement plans.

It is one of the major HSA custodians in the United States, managing millions of HSA, FSA, HRA, and other benefit accounts while collaborating with a wide range of businesses and health plans.

The specific impact and number of people affected by the security incident have not been released, but HealthEquity has begun alerting those affected.

To reduce the risk for those who have been exposed, the company has offered to provide comprehensive credit monitoring and identity restoration services.

HealthEquity's internal investigation found no indication that malware was placed on its systems, and there were no technical issues. All corporate operations and services are fully operational.

The Company is now reviewing the incident's impact and the expense of its response operations, but it did not believe

 

Source: BleepingComputer