CPM Investigating HealthEquity Data Breach
CPM is investigating a data breach disclosed by HealthEquity that may have disclosed the personal and health information of 4.3 million people. According to its data breach notice filed with Maine’s attorney general, HealthEquity said the data may include customer names, addresses, phone numbers, their Social Security number, information about the person’s employer and the person’s dependent (if any), and some payment card information.
HealthEquity provides employees at companies across the United States access to workplace benefits, like health savings accounts and commuter options for public transit and parking. According to HealthEquity’s February earnings, it said it had more than 15 million total customer accounts.
HealthEquity has admitted that they received an alert on March 25, 2024 about a potential security incident and then proceeded to conduct an investigation. It analyzed the data until June 10, 2024 before confirming that a threat actor had accessed the data and that the breach had occurred on March 9, 2024.
For more information, see the following articles about the HealthEquity Data Breach:
https://techcrunch.com/2024/07/30/healthequity-data-breach-affects-4-3-million-people/
https://www.bleepingcomputer.com/news/security/healthequity-says-data-breach-impacts-43-million-people/
Cotchett, Pitre & McCarthy Partner Thomas E. Loeser is a former federal cyber-prosecutor who specializes in consumer privacy cases. If you believe your data may have been compromised, please complete the form below.