A U.S. benefits administrator is notifying nearly 2.7 million people that attackers accessed systems between December 22, 2025 and January 15, 2026 and may have exposed personal data.
KEY FACTS
- Incident Unauthorized access between December 22, 2025 and January 15, 2026
- Discovery Suspicious activity identified on January 23, 2026
- People affected Nearly 2.7 million individuals
- Data exposed Names, DOB, SSN, contact details and benefit enrollment information
In a notification to impacted individuals from Navia Benefit Solutions, the company said the investigation determined that an unauthorized actor accessed and acquired certain information during the identified period.
Per the notice the exposed items include full name, date of birth, Social Security number, phone number, email address, participation in Health Reimbursement Arrangements, Flexible Spending Account information, and COBRA enrollment information.
According to the notice no claims or financial account information were exposed, but the data could enable phishing and social engineering attacks against affected people.
According to the notice the company reviewed its security posture and data retention policies and notified federal law enforcement. Impacted customers will be covered by a free 12-month identity protection and credit monitoring service from Kroll. Letter recipients are encouraged to consider placing a fraud alert and a security freeze on their credit files. At the time of the notice no ransomware group had claimed the breach.
WHY IT MATTERS
Exposed personal identifiers and benefit enrollment details can be used to commit identity theft or targeted fraud. Affected individuals should monitor accounts, use the offered monitoring services, and consider credit protections.