Hims & Hers, a prominent telehealth company, has disclosed a significant data breach impacting its third-party customer service platform. The breach, occurring between February 4 and February 7, involved hackers gaining unauthorized access to the company’s ticketing system, compromising a trove of customer support tickets containing personal data.
While the breach primarily exposed customer names, email addresses, and contact information, the company emphasized that medical records remained unaffected. However, the nature of customer support systems raises concerns about the potential exposure of sensitive personal and healthcare information.
The exact scope of the breach remains unclear, as California law mandates companies to report breaches involving 500 or more state residents. Hims & Hers attributed the breach to a social engineering attack, highlighting the growing trend of financially motivated hackers targeting customer support systems for extortion.
This incident underscores the critical need for robust cybersecurity measures in telehealth services, where the protection of user data and privacy is paramount. As telehealth continues to expand, ensuring the security of customer information becomes increasingly vital to maintaining trust and safeguarding sensitive healthcare details.
Source: TechCrunch