HealthEquity, a healthcare fintech company, is warning that it suffered a data breach after a partner’s account was compromised and used to access the company’s systems. Protected health information was stolen during the attack.
Details About the Incident
The company launched an investigation upon discovering the breach. The investigation revealed that the partner had been compromised by threat actors who leveraged the hijacked account to gain unauthorized access to HealthEquity’s systems.
The investigation concluded that the Partner’s user account had been compromised by an unauthorized third party, who used that account to access information… The accessed information included some personally identifiable information, which in some cases is considered protected health information, pertaining to certain of our members… The investigation further concluded that some information was subsequently transferred off the Partner’s systems.
HealthEquity SEC Filing (Source)
HealthEquity is a provider of consumer-directed benefits solutions, specialising in health savings account (HSA) services as well as flexible spending accounts (FSAs), health reimbursement arrangements (HRAs), and 401(k) retirement plans.
As one of the biggest custodians of HSAs in the US, it works with many companies and health plans while overseeing millions of HSA, FSA, HRA, and other benefit accounts.
According to BleepingComputer, there is no exact data on the impact and number of people affected by the security incident, although HealthEquity has started notifying impacted individuals.
The company promised to offer complimentary credit monitoring and identity restoration services to mitigate the risk for exposed people.
There have been no technical disruptions, and HealthEquity’s internal inquiry has not turned up any proof that malware was placed on its systems. Every company function and service is still completely operational.
Although it has stated that it does not think the incident will have a substantial impact on its business or financial performance, the company is still assessing the incident’s effects and the cost of its response activities.