HackerOne Data Breach - Employees Data Stolen in Attack
Basically, hackers stole personal data from HackerOne employees through a flaw in a benefits administrator's system.
A data breach at HackerOne has compromised the information of 287 employees. This incident stems from a vulnerability at Navia, affecting millions. Individuals are urged to monitor their accounts and stay vigilant against phishing attempts.
What Happened
HackerOne has recently revealed a significant data breach that impacted 287 of its employees. This breach was a direct result of a cyberattack on Navia Benefit Solutions, the company's U.S. benefits administrator. The attack exploited a Broken Object Level Authorization (BOLA) vulnerability within Navia’s API. This flaw allowed unauthorized access to sensitive data without altering any information, enabling the intrusion to go unnoticed for weeks.
The unauthorized access occurred between December 22, 2025, and January 15, 2026. Navia detected suspicious activity on January 23, 2026, prompting an internal investigation alongside federal law enforcement. However, HackerOne was not formally notified of the breach until March 2026, even though the incident had been detected in January.
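An added illustration of the Broken Object Level Authorization flaw class described above, not Navia's or HackerOne's code: a handler that trusts the requested record id, beside one that checks ownership on every read and keeps the denial trail that makes read-only probing visible. The record store, field names and function names are hypothetical, and the sample data is constructed.

```python
"""Constructed illustration of Broken Object Level Authorization (BOLA)."""
from collections import defaultdict

# Constructed sample data: record id -> owner and payload. Not real data.
RECORDS = {
    101: {"owner": "alice", "plan": "FSA"},
    102: {"owner": "bob", "plan": "HSA"},
    103: {"owner": "carol", "plan": "COBRA"},
}

# Audit trail (hypothetical): caller -> distinct record ids they were denied.
DENIED = defaultdict(set)


class Forbidden(Exception):
    """Raised when a caller requests an object it is not entitled to."""


def get_record_vulnerable(caller, record_id):
    # BOLA: the caller is authenticated, but nothing ties record_id to them,
    # so any valid session can read any record. Reads change no data, which
    # is why this kind of access leaves no obvious trace.
    return RECORDS[record_id]


def get_record(caller, record_id):
    # Object-level check: authorize against the specific record on every
    # request, and answer missing and foreign ids identically so the
    # response does not confirm which ids exist.
    record = RECORDS.get(record_id)
    if record is None or record["owner"] != caller:
        DENIED[caller].add(record_id)
        raise Forbidden(record_id)
    return record


def enumeration_suspects(threshold=2):
    # A caller denied on several distinct objects is probably walking ids.
    return sorted(c for c, ids in DENIED.items() if len(ids) >= threshold)
```

Logging denied reads per caller is what turns a silent, read-only probe into something a monitoring rule can alert on.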
Who's Affected
The breach has far-reaching implications, affecting approximately 2.7 million individuals across Navia’s 10,000 corporate clients. This includes not only the 287 HackerOne employees but also a vast number of other individuals whose personal and health information has been compromised. While financial and claims details were not part of the stolen data, the exposed information is still sufficient for sophisticated social engineering attacks, identity theft, and phishing campaigns.
The delay in communication from Navia has raised concerns about their security practices. HackerOne is now conducting its own investigation into Navia’s privacy standards and has indicated that it may seek alternative benefits providers if necessary. The breach highlights the vulnerabilities within third-party services that can lead to significant risks for companies and their employees.
What Data Was Exposed
The compromised dataset includes sensitive personal and health information that could be exploited by malicious actors. Although financial information was not exfiltrated, the data still poses a risk for targeted phishing attempts. Employees are particularly vulnerable, as attackers could use the stolen information to impersonate employers or government agencies.
HackerOne has advised its employees to remain vigilant against potential phishing attempts and to monitor their financial accounts for unusual activities. The breach underscores the importance of robust security measures, especially when dealing with sensitive employee data.
What You Should Do
If you are an affected individual, it is crucial to take immediate action. Here are some steps you should consider:
- Monitor your financial accounts for any unusual transactions.
- Update your passwords and security questions on sensitive accounts.
- Utilize complimentary identity protection services offered by HackerOne.
Being proactive can help mitigate the risks associated with this breach. Stay informed about any updates from HackerOne and Navia regarding the investigation and any additional steps you may need to take to protect your personal information.
Cyber Security News