Fintech

Healthcare fintech firm HealthEquity discloses data breach

Published

7 months ago

on

Healthcare fintech firm HealthEquity discloses data breach

Pierluigi Paganini
July 4, 2024

Healthcare company HealthEquity disclosed a data breach that resulted in a partner’s account being compromised, exposing protected health information.

Healthcare fintech company HealthEquity disclosed a data breach after a partner’s compromised account was used to access its systems. Intruders stole protected health information from company systems. The company discovered anomalous behavior from the partner’s personal device and immediately launched an investigation that led to the discovery of the security breach.

“The investigation concluded that the Partner’s user account had been compromised by an unauthorized third party, who used that account to access information. The information accessed included certain personally identifiable information, which in some cases is considered protected health information, relating to some of our members. The investigation also concluded that certain information was subsequently transferred from Partner’s systems.” Read the FORM 8-K filed with the SEC. “The Company has taken steps to strengthen its security environment, including with respect to the compromised Partner account and the actions recommended by its incident response firm. The investigation did not detect the insertion of malicious code into any Company systems. There was no disruption to the Company’s systems, services, or business operations.”

HealthEquity is a leading financial technology company specializing in the administration of health savings accounts (HSAs) and other direct-to-consumer benefits. Some key facts about HealthEquity:

As of July 2022, HealthEquity managed 7.5 million HSA accounts with $20.5 billion in assets, plus another 7 million direct-to-consumer benefit accounts for a total of 14.5 million accounts..

The company is informing its partners and customers, as well as identifying and notifying affected individual members.

HealthEquity will offer free credit monitoring and identity restoration services. The investigation is ongoing, and the healthcare fintech has yet to determine the impact of the incident.

“The Company does not currently believe that the incident will have a material adverse effect on its business, operations or financial results,” the Form 8-K continues.

“The Company believes it has adequate cybersecurity insurance in place for this incident and will also seek compensation from the Partner.”

Pierluigi Paganini

Follow me on Twitter: @securitybusiness AND Facebook AND Mastodon

(Security Business hacking, healthcare)



Source

Related Topics:

Leave a Reply

Your email address will not be published. Required fields are marked *

Información básica sobre protección de datos Ver más

  • Responsable: Miguel Mamador.
  • Finalidad:  Moderar los comentarios.
  • Legitimación:  Por consentimiento del interesado.
  • Destinatarios y encargados de tratamiento:  No se ceden o comunican datos a terceros para prestar este servicio. El Titular ha contratado los servicios de alojamiento web a Banahosting que actúa como encargado de tratamiento.
  • Derechos: Acceder, rectificar y suprimir los datos.
  • Información Adicional: Puede consultar la información detallada en la Política de Privacidad.

Trending

Exit mobile version