CP
cyberpings
BreachesHIGH

Hims & Hers - Customer Support System Hacked in Breach

Featured image for Hims & Hers - Customer Support System Hacked in Breach
TCTechCrunch Security·Reporting by Zack Whittaker
📰 3 sources·Summary by CyberPings Editorial·AI-assisted·Reviewed by Rohit Rana
Updated:
🎯

Hims & Hers, a telehealth company, had its customer support system hacked. Hackers tricked employees into giving them access, and they stole names and email addresses of customers. Although medical records were safe, customers should be careful and change their passwords.

Quick Summary

Hims & Hers confirms a data breach affecting its customer support platform, revealing sensitive customer information was compromised through a social engineering attack.

What Happened

Hims & Hers, the telehealth company known for providing weight-loss and sexual health prescriptions, has confirmed a significant data breach affecting its third-party customer service platform. The breach occurred between February 4 and February 7, 2026, when hackers exploited a social engineering attack to gain unauthorized access to the system. The company filed a data breach notice with the California attorney general's office, as required by law when 500 or more state residents are affected.

Who's Affected

While the exact number of individuals impacted by the breach remains unknown, the company has acknowledged that customer names and email addresses were among the data compromised. Although Hims & Hers has stated that customer medical records were not affected, the nature of customer support systems means that the stolen data may still contain sensitive information related to personal accounts and healthcare.

What Data Was Exposed

The stolen data primarily included customer names and email addresses. However, Hims & Hers has not disclosed the full extent of the other personal data that may have been compromised, leaving customers uncertain about the potential risks. The breach highlights a growing trend where customer support systems are increasingly targeted by financially motivated hackers seeking to extort companies.

What You Should Do

Customers of Hims & Hers are advised to monitor their email accounts for any suspicious activity and to change their passwords as a precaution. It is also recommended to enable two-factor authentication wherever possible to enhance account security. As the investigation continues, Hims & Hers has not indicated whether any ransom demands were made by the hackers, which adds another layer of concern for those affected.

This incident underscores the importance of cybersecurity awareness and the need for companies to implement robust security measures to protect sensitive customer information from similar attacks in the future.

The breach at Hims & Hers serves as a reminder of the vulnerabilities present in third-party customer support systems, which are increasingly targeted by hackers. Organizations must prioritize employee training on social engineering tactics to mitigate such risks.

Original article from

TCTechCrunch Security· Zack Whittaker
Read Full Article

Also covered by

SCSC Media

Hims & Hers data breach exposes customer support data

Read Article
BLBleepingComputer

Hims & Hers warns of data breach after Zendesk support ticket breach

Read Article

Share

Related Pings

HIGHBreaches

Syria’s Security Failures Exposed by Government Account Hack

A recent hack exposed Syrian government accounts, revealing significant cybersecurity weaknesses. This incident raises concerns about the state’s digital security practices and its ability to communicate effectively. Experts warn that without urgent reforms, Syria's digital infrastructure remains at risk.

Wired Security·
LOWBreaches

T-Mobile - Clarifies Details on Recent Data Breach Incident

T-Mobile recently clarified a data breach involving an insider incident, impacting just one customer. Personal financial data remained secure, and the company has taken necessary precautions.

SecurityWeek·
HIGHBreaches

CBP Facility Codes Exposed in Quizlet Flashcards Leak

A Quizlet flashcard set has leaked sensitive information about US Customs and Border Protection facilities, raising serious security concerns.

Wired Security·
HIGHBreaches

Iran Handala Group Breaches Israeli Defence Contractor PSK Wind

Iranian hackers have breached PSK Wind Technologies, an Israeli defense contractor. Sensitive military data has been stolen, posing serious risks to national security. Organizations must strengthen their defenses against such cyber threats.

Security Affairs·
HIGHBreaches

Adobe Breach - Threat Actor Claims Leak of 13 Million Records

A hacker claims to have breached Adobe, leaking sensitive data including 13 million support tickets and employee records. This incident highlights serious third-party security risks.

Cyber Security News·
HIGHBreaches

Americans' Passports Stolen - Hacktivist Attack on Dubai Airport

A hacktivist group has reportedly stolen American passports from Dubai Airport. This breach raises serious concerns about identity theft and fraud risks. Travelers should monitor their information closely.

SC Media·