Topics
belated
AI
Amazon
Image Credits:MirageC / Getty Images
Apps
Biotech & Health
clime
Image Credits:MirageC / Getty Images
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
Fundraising
Gadgets
game
Government & Policy
Hardware
layoff
Media & Entertainment
Meta
Microsoft
privateness
Robotics
Security
Social
Space
startup
TikTok
Transportation
Venture
More from TechCrunch
Events
Startup Battlefield
StrictlyVC
Podcasts
telecasting
Partner Content
TechCrunch Brand Studio
Crunchboard
reach Us
On Tuesday , wellness technical school services supplier HealthEquity disclosed in a filing with Union governor that it had digest a data point breach , in which hacker stole the “ protected wellness data ” of some customers .
In an 8 - K filing with the SEC , the company tell it detected “ anomalous demeanour by a personal use equipment belong to a line of work married person , ” and concluded that the better half ’s account had been compromise by someone who then used the account to approach members ’ information .
On Wednesday , HealthEquity disclosed more details of the incident with TechCrunch . HealthEquity spokesperson Amy Cerny articulate in an email that this was “ an isolated incident ” that is not connected to other recent breaches , such as that of Change Healthcare , have by the health care giant UnitedHealth . In May , UnitedHealth CEO Andrew Witty said in a House sense of hearing that thebreach impact “ maybe a third ” of all Americans .
HealthEquity detected the breach on March 25 , when it “ take on immediate action , fix the issue , and start extensive information forensics , which were nail on June 10 . ” The company convey together “ a team of outside and interior experts to look into and ready for response . ” The investigations define that the breach was due to the compromise third - political party vendor account having access to “ some of HealthEquity ’s SharePoint data , ” allot to Cerny .
SharePointis a lot of Microsoft tools that take into account companies to create websites , as well as memory board and share internal information — essentially an intranet .
Cerny also say that “ transactional system , where integration come about , were not impacted , ” and that the troupe is apprise cooperator , clients and phallus , and has been work out with jurisprudence enforcement as well as expert to form on keep future incidents .
TechCrunch asked Cerny to pin down what in person identifiable and “ protected health ” selective information was stolen in this breach , how many citizenry have been affect and what partner was demand . Cerny decline to answer all of these questions .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
Earlier this year , HealthEquity reportedthat the ship’s company and its underling “ administrate HSAs and other CDBs for our more than 15 million story in partnership with employer , benefits advisers , and wellness and retirement plan providers . ”
