- Breach customer service tickets exposed with personal data
- Medical records and provider communications will not be affected
- Company that offers free credit monitoring and identity restoration
American telehealth giant Hims & Hers has confirmed that it recently suffered a cyberattack in which it lost confidential information about its clients.
In a breach notification letter filed with the California Attorney General’s Office, the company said it detected the intrusion on February 5, 2026 and took steps to protect its infrastructure. Upon further investigation, the company discovered that between February 4 and February 7, an unidentified threat actor accessed “certain tickets sent to our customer support team.”
These fines, which affect “a limited set of people,” contained personal information, Hims & Hers said, but did not go into details. He said names and contact information were accessed, as well as other information that was redacted in the letter.
Article continues below.
Nothing is known about the attackers
“Customer medical records were not affected by this incident, nor were communications with healthcare providers on the platform,” the company said, adding that it was now reviewing its policies and procedures to ensure intrusions like this do not occur in the future, and that federal authorities have been notified. If necessary, regulators will also be notified.
We do not know how many people were affected by this incident, but as TechCrunch As reported, companies are required by law to issue a notification if more than 500 people are affected. Hims & Hers also offers free credit monitoring and identity restoration services for one year, through Cyberscout.
Hims & Hers did not say how the breach occurred and we do not know if the attackers contacted them. Typically, when criminals steal sensitive data, they offer to delete it in exchange for payment in cryptocurrency, but most victims reject such offers.
No hacking group has yet claimed responsibility for this attack and the data has not yet appeared in the wild. Information generated by healthcare organizations is often valuable to criminals, given its potential for abuse in phishing attacks and identity theft.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
