CP
cyberpings
BreachesHIGH

Hims & Hers Data Breach Exposes Customer Support Data

Featured image for Hims & Hers Data Breach Exposes Customer Support Data
SCSC Media
Hims & Hersdata breachcustomer supportsocial engineeringpersonal data
🎯

Basically, hackers tricked employees to access customer support data.

Quick Summary

A data breach at Hims & Hers has exposed customer support data. Hackers accessed personal information through social engineering tactics. Customers should be vigilant and monitor their accounts for suspicious activity.

What Happened

Telehealth company Hims & Hers recently confirmed a significant data breach affecting its third-party customer service platform. The breach occurred between February 4 and February 7, 2026, when hackers accessed support tickets that contained personal information of customers. Fortunately, the company stated that no medical records were compromised during this incident.

Who's Affected

While the exact number of individuals impacted remains unknown, Hims & Hers has filed a data breach notice with the California attorney general's office. This filing is required by law when 500 or more state residents are affected. The breach primarily involved customer names and email addresses, but the full extent of the compromised data has not been disclosed.

What Data Was Exposed

The stolen data primarily included:

  • Customer names
  • Email addresses

Although the company has not specified other personal data that may have been compromised, the breach highlights the potential risks associated with customer support systems.

What You Should Do

If you are a customer of Hims & Hers, it’s crucial to remain vigilant. Here are some recommended actions:

  • Monitor your email for suspicious activity or phishing attempts.
  • Change your passwords, especially if you use the same password across multiple sites.
  • Consider enabling two-factor authentication (2FA) on your accounts for added security.

The Threat

This breach is a stark reminder of how customer support systems are increasingly becoming targets for hackers. Financially motivated attackers often exploit these systems to gain sensitive information, which can lead to further attacks or extortion.

Defensive Measures

Organizations must take proactive steps to secure their customer support platforms. This includes:

  • Implementing robust training for employees to recognize social engineering tactics.
  • Regularly updating security protocols and software to mitigate vulnerabilities.
  • Conducting thorough audits of third-party vendors to ensure they adhere to strict security standards.

In conclusion, the Hims & Hers data breach underscores the importance of securing customer support systems against social engineering attacks. As cyber threats evolve, companies must remain vigilant and prioritize data protection.

🔒 Pro insight: This breach highlights the growing trend of social engineering attacks targeting customer support systems, necessitating enhanced employee training and security measures.

Original article from

SCSC Media
Read Full Article

Share

Related Pings

HIGHBreaches

Europe’s Cyber Agency Blames Hacking Gangs for Breach

A massive data breach at the European Commission has exposed sensitive information. Hacking groups TeamPCP and ShinyHunters are behind the attack. This incident raises serious security concerns for EU entities.

TechCrunch Security·
HIGHBreaches

Axios npm Compromise - Targeted Social Engineering Attack Exposed

A targeted social engineering attack led to the compromise of Axios on npm, exposing many users to a remote access trojan. The incident reveals serious vulnerabilities in open source software management. Developers must act quickly to secure their dependencies and strengthen their security measures.

Cyber Security News·
HIGHBreaches

ChatGPT Data Leak - Android Rootkit and Ransomware Attack

A data leak from ChatGPT, a new Android rootkit, and a ransomware attack on a water facility reveal serious cybersecurity threats. Millions could be affected by these incidents, highlighting vulnerabilities that need immediate attention.

SecurityWeek·
HIGHBreaches

Trivy Supply Chain Attack - European Commission AWS Breach

A major breach linked to a supply chain attack on the European Commission's AWS has exposed sensitive data. Affected entities include numerous Union organizations. This incident raises significant security concerns and highlights the need for robust protective measures.

Cyber Security News·
LOWBreaches

T-Mobile - Clarifies Details on Recent Data Breach Incident

T-Mobile recently clarified a data breach involving an insider incident, impacting just one customer. Personal financial data remained secure, and the company has taken necessary precautions.

SecurityWeek·
HIGHBreaches

CBP Facility Codes Exposed in Quizlet Flashcards Leak

Sensitive security codes for Customs and Border Protection facilities leaked via Quizlet flashcards. This breach raises serious concerns about national security protocols. Immediate action is being taken to review the incident.

Wired Security·