- Violation of deferred customer service tickets with personal data
- Medical records and provider communications are unaffected
- Company that offers free credit monitoring and identity restoration
US telehealth giant Hims & Hers has confirmed that it recently suffered a cyber attack in which it lost some sensitive customer information.
In a breach letter filed with the Office of the California Attorney General, the company said it discovered the intrusion on February 5, 2026 and moved to secure its infrastructure. After a subsequent investigation, the company found that between February 4 and February 7, an unidentified threat actor gained access to “certain tickets submitted to our customer service team.”
Those tickets, affecting “a limited set of individuals,” contained personal information, Hims & Hers said, but did not elaborate. It said names and contact details were accessed as well as other data redacted in the letter.
The article continues below
No word on the attackers
“The customer’s medical records were not affected by this incident, nor were communications with health care providers on the platform,” the company said, adding that it was now reviewing its policies and procedures to ensure that intrusions like this do not happen in the future and that federal law enforcement was notified. Regulatory authorities will also be notified if necessary.
We don’t know how many people were affected by this incident, but who TechCrunch reported, companies are required by law to issue a notification if more than 500 people are affected. Hims & Hers also offers free credit monitoring and identity recovery services for one year through Cyberscout.
Hims & Hers didn’t say how the breach happened, and we don’t know if they were contacted by the attackers. Usually, when crooks steal sensitive data, they offer to delete it in exchange for payment in crypto, but most victims refuse such offers.
No hacker group has yet claimed responsibility for this attack, and the data has not yet surfaced in the wild. Information generated by healthcare organizations is usually valuable to criminals because of its potential for misuse in the context of phishing and identity theft.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
