In a major cybersecurity incident, Navia Benefit Solutions has confirmed a data breach affecting nearly 2.7 million individuals, following unauthorised access to its systems.
The company, which manages employee benefits for over 10,000 employers in the United States, holds large volumes of sensitive data, including flexible spending arrangement (FSA) and dependent care assistance program details. The breach exposed personal and health plan-related information, although no direct financial data, bank account details, or health claims were accessed.
The incident was caused by a vulnerability in an Application Programming Interface (API). A threat actor exploited this flaw to gain read-only access to participant data. Because the threat actor did not alter systems or transfer funds, the breach was not detected immediately.
Navia has since fixed the API vulnerability and temporarily disabled participant registration to strengthen authentication controls. The company also confirmed that there is no evidence of ransomware or system-wide encryption linked to the incident.
The breach includes records dating back 7 years to 2018, impacting both current and former members of public employee benefit programs. The exposed data includes full names, dates of birth, physical addresses, email addresses, phone numbers, Social Security numbers, and Navia ID numbers. It also includes health plan details such as participation in HRAs, FSAs, and COBRA, along with termination dates.
Following the discovery, Navia secured affected systems and launched an internal investigation with external forensic experts. The company has informed federal law enforcement and relevant regulatory bodies, including the U.S. Department of Health and Human Services, and has also notified employers associated with the platform.
To assist affected individuals, Navia is offering 12 months of free identity protection and credit monitoring services through Kroll. Users have been advised to stay alert, monitor credit activity, and report any suspicious transactions. The company has also strengthened its systems with enhanced multi-factor authentication.