HealthEquity Reports Data Breach, Hackers Steal Sensitive Patient Info via Compromised Account

HealthEquity says latest data breach is an isolated case.

HealthEquity, a prominent provider of health tech services, reported that hackers accessed and stole sensitive patient information through a compromised account.

The breach was disclosed in an 8-K filing with the Securities and Exchange Commission (SEC) and further detailed in statements to TechCrunch.


HealthEquity Discloses Data Breach Affecting Sensitive Patient Information

HealthEquity detected the breach on March 25 during routine monitoring, identifying "anomalous behavior by a personal use device belonging to a business partner." The company's immediate response involved isolating the issue and launching an extensive investigation.

Speaking with TechCrunch, HealthEquity spokesperson Amy Cerny said the breach was due to the compromised third-party vendor account, which provided the hackers access to some of HealthEquity's SharePoint data.

SharePoint is a set of Microsoft tools that companies use to create websites and to store and share internal information.

By June 10, HealthEquity had completed its data forensics investigation, which revealed that an unauthorized third party used the compromised account to access and exfiltrate sensitive health data.

However, the company emphasized that its transactional systems, where integrations occur, were not impacted.

Details of the Breach

HealthEquity, which administers Health Savings Accounts (HSAs) and other consumer-directed benefits for over 15 million accounts, stated that the accessed information included some personally identifiable information, which in some cases is considered protected health information.

The investigation also concluded that some of this information was transferred off the partner's systems.

Despite the breach, HealthEquity said that no malware had been placed on its systems and that there were no interruptions to its services or business operations.

Additionally, Cerny confirmed to TechCrunch that the recent breach was an isolated incident that is not related to other breaches affecting major US health institutions in recent months.

The company has since taken steps to strengthen its security environment, including addressing the compromised partner account and following the recommended actions of its incident response firm.

What's Next?

HealthEquity is in the process of notifying its partners, clients, and individual members whose information may have been involved.

The company is offering complimentary credit monitoring and identity restoration services to those affected to mitigate potential risks. HealthEquity is also working closely with law enforcement and cybersecurity experts to prevent future incidents.

The exact number of people affected by the HealthEquity breach has not been disclosed. However, the company is currently evaluating the incident's impact and the cost of its response efforts.

Despite the breach, HealthEquity does not believe the incident will have a material adverse effect on its business, operations, or financial results. The company also believes it holds adequate cybersecurity insurance for this incident and will seek recourse from the partner involved.


Tech Times Writer John Lopez
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.