CP
cyberpings
BreachesHIGH

Hims & Hers - Data Breach Exposes Support Ticket Information

Featured image for Hims & Hers - Data Breach Exposes Support Ticket Information
BCBleepingComputer
Hims & HersZendeskShinyHunters
🎯

Basically, Hims & Hers had some customer support tickets stolen, which might include personal information.

Quick Summary

Hims & Hers has reported a data breach affecting support tickets on Zendesk. Personal information may have been compromised, prompting the company to offer free credit monitoring. Customers are advised to stay vigilant against phishing attempts.

What Happened

Hims & Hers Health, a prominent telehealth provider, recently disclosed a data breach involving stolen support tickets from a third-party customer service platform, Zendesk. This incident was identified on February 5, 2026, when the company noticed suspicious activity affecting its customer service operations.

The breach occurred between February 4 and February 7, 2026, during which unauthorized access was gained to certain support tickets. An internal investigation confirmed that hackers had indeed accessed these tickets, which may contain personal information such as names and contact details.

Who's Affected

While the exact number of affected individuals remains unspecified, the breach has the potential to impact a significant portion of Hims & Hers' customer base. Given the company's annual revenue of nearly $1 billion and its extensive reach in the telehealth market, many users could be at risk.

What Data Was Exposed

The compromised support tickets may include:

  • Names
  • Contact information
  • Other unspecified data related to customer support requests

Importantly, the company has confirmed that no medical records or doctor communications were compromised during this breach, which may provide some reassurance to affected customers.

What You Should Do

In response to the breach, Hims & Hers is offering 12 months of free credit monitoring services to all impacted users. Customers are encouraged to take the following precautions:

  • Remain vigilant against unsolicited communications that may contain phishing attempts.
  • Review account statements regularly for any suspicious activity.
  • Monitor credit reports for any unusual transactions.

This incident is part of a broader trend, as the ShinyHunters extortion gang has been linked to this breach. They have been known to compromise accounts, such as Okta SSO, to access various third-party services, including Zendesk, and steal sensitive data. The company is actively investigating the incident and has taken steps to secure its customer service platform.

The breach highlights the vulnerabilities associated with third-party service providers and the importance of robust security measures in protecting customer data. Customers should remain proactive in safeguarding their information, especially in light of recent high-profile breaches involving similar platforms.

🔒 Pro insight: The breach underscores the risks associated with third-party service providers, necessitating enhanced security protocols for sensitive customer data.

Original article from

BCBleepingComputer· Bill Toulas
Read Full Article

Share

Related Pings

HIGHBreaches

EU Cyber Agency Attributes Major Data Breach to TeamPCP

A major data breach at the European Commission has been linked to the TeamPCP hacking group. Sensitive data from various EU entities has been exposed, raising serious privacy concerns. Cybersecurity officials are investigating the incident and urging better security practices.

The Record·
HIGHBreaches

Trivy Supply Chain Attack - Data Breach at Europa.eu Exposed

A massive data breach at Europa.eu has been linked to a supply chain attack on Aqua Security's Trivy. Sensitive data from multiple EU entities was compromised. Organizations must act swiftly to secure their systems and data.

CSO Online·
HIGHBreaches

Europe’s Cyber Agency Blames Hacking Gangs for Breach

A massive data breach at the European Commission has exposed sensitive information. Hacking groups TeamPCP and ShinyHunters are behind the attack. This incident raises serious security concerns for EU entities.

TechCrunch Security·
HIGHBreaches

Hims & Hers Data Breach Exposes Customer Support Data

A data breach at Hims & Hers has exposed customer support data. Hackers accessed personal information through social engineering tactics. Customers should be vigilant and monitor their accounts for suspicious activity.

SC Media·
HIGHBreaches

Axios npm Compromise - Targeted Social Engineering Attack Exposed

A targeted social engineering attack led to the compromise of Axios on npm, exposing many users to a remote access trojan. The incident reveals serious vulnerabilities in open source software management. Developers must act quickly to secure their dependencies and strengthen their security measures.

Cyber Security News·
HIGHBreaches

ChatGPT Data Leak - Android Rootkit and Ransomware Attack

A data leak from ChatGPT, a new Android rootkit, and a ransomware attack on a water facility reveal serious cybersecurity threats. Millions could be affected by these incidents, highlighting vulnerabilities that need immediate attention.

SecurityWeek·