Sensitive customer support ticket data exposed in Hims third-party platform breach
Summary
Hide ▲
Show ▼
A third-party customer support platform used by telehealth provider Hims & Hers Health (Hims) was breached between February 4 and February 7, exposing highly sensitive protected health information (PHI) via customer support tickets. The breach compromised names, unspecified medical data, and email addresses, impacting an undisclosed number of customers. Threat actor ShinyHunters initially claimed responsibility, though this has not been independently verified. The incident highlights systemic risks in healthcare customer support workflows that aggregate sensitive PHI across fragmented, outsourced systems.
Timeline
-
10.04.2026 23:02 1 articles · 3h ago
Hims third-party customer support platform breached, exposing PHI via support tickets
Between February 4–7, 2026, a threat actor accessed Hims’ third-party customer support platform and exfiltrated data from customer support tickets. The company became aware of suspicious activity on February 5 and took steps to secure the platform, but the unauthorized access persisted during this period. On March 5, Hims determined that the accessed tickets contained names and unspecified medical information for a limited number of users; email addresses were later confirmed as impacted. Customer notifications began in early April 2026.
Show sources
- Hims Breach Exposes the Most Sensitive Kinds of PHI — www.darkreading.com — 10.04.2026 23:02
Information Snippets
-
Hims discovered suspicious activity on its customer service platform on February 5, 2026, but threat actors maintained access from February 4 to February 7.
First reported: 10.04.2026 23:021 source, 1 articleShow sources
- Hims Breach Exposes the Most Sensitive Kinds of PHI — www.darkreading.com — 10.04.2026 23:02
-
Customer support tickets accessed by unauthorized actors contained names and unspecified medical information for a limited subset of users, with email addresses also confirmed as impacted.
First reported: 10.04.2026 23:021 source, 1 articleShow sources
- Hims Breach Exposes the Most Sensitive Kinds of PHI — www.darkreading.com — 10.04.2026 23:02
-
The telehealth provider notified affected customers approximately two months after the breach was discovered, offering free credit monitoring and identity protection guidance.
First reported: 10.04.2026 23:021 source, 1 articleShow sources
- Hims Breach Exposes the Most Sensitive Kinds of PHI — www.darkreading.com — 10.04.2026 23:02
-
ShinyHunters has claimed responsibility for the breach, though no verified leaks or extortion demands tied to the stolen data have been observed as of publication.
First reported: 10.04.2026 23:021 source, 1 articleShow sources
- Hims Breach Exposes the Most Sensitive Kinds of PHI — www.darkreading.com — 10.04.2026 23:02
-
Hims markets products for highly stigmatized conditions (e.g., erectile dysfunction, balding, obesity, mental health) primarily targeting younger demographics, amplifying the potential for blackmail or reputational harm.
First reported: 10.04.2026 23:021 source, 1 articleShow sources
- Hims Breach Exposes the Most Sensitive Kinds of PHI — www.darkreading.com — 10.04.2026 23:02
-
Hims did not disclose the name of the third-party customer support platform involved in the breach.
First reported: 10.04.2026 23:021 source, 1 articleShow sources
- Hims Breach Exposes the Most Sensitive Kinds of PHI — www.darkreading.com — 10.04.2026 23:02