"The safe handling of your personal data is core to who we are as an organization, and HackerOne is treating this as requiring our critical attention."
"We will undertake our own investigation to assess this incident and are actively communicating with Navia to understand more about how and why this incident occurred."
"HackerOne will also be evaluating Navia's privacy and security policies and practices. If we are not satisfied, we will explore other potential options for benefits providers with our broker."
"Navia stated that it is not aware of any attempted or actual misuse of the exposed information."
HackerOne is notifying 287 employees about a data breach involving their personal information, which was exposed by Navia Benefit Solutions. The breach occurred between December 22, 2025, and January 15, 2026, with unauthorized access discovered on January 23. The compromised data includes names, Social Security numbers, and health plan information. Navia reported that approximately 2.7 million individuals are affected. HackerOne is conducting its own investigation and evaluating Navia's security practices to ensure employee data protection.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]