The incident began in March but was only detected in June. The company stated that criminals stole sensitive data after an alert on March 25 led to a technical investigation until June 26.
No malicious code in systems or ransomware was mentioned in the Form 8-K, indicating a straightforward data theft. Vendor accounts were compromised, leading to unauthorized access and subsequent security measures.
Immediate actions post-detection included disabling compromised vendor accounts, blocking threat IP addresses, implementing a global password reset, and enhancing security measures. HealthEquity's core offering is health savings accounts (HSAs).
[
Collection
]
[
|
...
]