Navia Benefit Solutions notified nearly 2.7 million individuals that an unauthorized actor accessed its systems between December 22, 2025 and January 15, 2026, potentially exposing names, Social Security numbers, dates of birth, contact details, and benefits enrollment data (HRA, FSA, COBRA). The company launched an investigation, notified federal law enforcement, is offering 12 months of identity protection and credit monitoring through Kroll, and says no ransomware group has claimed the breach. #NaviaBenefitSolutions #HRA
Keypoints
- Approximately 2.7 million individuals were notified of the data breach.
- Unauthorized access occurred from December 22, 2025 to January 15, 2026 and was discovered on January 23.
- Potentially exposed data includes full names, dates of birth, Social Security numbers, phone numbers, emails, and benefits enrollment details (HRA, FSA, COBRA).
- Navia states claims and financial information were not exposed, but the data could enable phishing and social engineering attacks.
- Impacted customers are being offered 12 months of identity protection and credit monitoring from Kroll and are advised to consider fraud alerts or credit freezes.