The Office of the Maine Attorney General has been notified of a significant data breach affecting HealthEquity, a fintech company. This breach has exposed sensitive personal information belonging to 4.3 million customers.
According to HealthEquity, the breach compromised a variety of sensitive data, including information not necessarily associated with every individual. While the company did not specify the exact nature of the exposed data, it emphasized that not all categories contained information for each customer.
Reports indicate that the breach occurred on March 9, 2024, and was only detected on March 25. Following the discovery, HealthEquity conducted an internal investigation to trace the origin of the hack. The investigation revealed that the breach involved unauthorized access to a data storage location external to the company’s main systems. This compromised location allowed the perpetrator to gain access to a limited amount of data stored within.
HealthEquity assures customers that they do not believe the stolen data has been used for malicious purposes. As a precautionary measure and to compensate affected individuals, the company is offering complimentary credit identity monitoring, insurance, and restoration services for a period of two years.
To further protect themselves, HealthEquity recommends customers diligently monitor their bank statements for any suspicious transactions. This proactive step can help identify and address any potential misuse of their financial information.
