A Massive Data Breach Exposed 2.7 Million Social Security Numbers.

Posted on by

Another massive data breach has compromised the health records and confidential information of millions of Americans. Navia Benefit Solutions, a benefits administrator for over 10,000 employers in the United States, reported a breach affecting nearly 2.7 million employees, according to a March 18 complaint filed with the Maine Attorney General’s Office.

Navia’s services include software and customer support for administering everything from flexible spending accounts (FSAs) and health savings accounts (HSAs) to travel and education benefits.

What happened as a result of the Navia Benefit Solutions data breach?

On January 23, Navia detected “suspicious activity” in its systems, leading to the discovery of hacker access to some of the organization’s data between December 22, 2025, and January 15, 2026. During this time, the attackers were able to steal a significant amount of personal data, which may include the following:

You may also like

  • Full name

  • Date of birth

  • Social Security Number (SSN)

  • Phone number

  • Email address

  • Health Insurance Plan Information

Corrupted health plan data may include health reimbursement program (HRA) participation information, Consolidated Budget Reconciliation Act (COBRA) enrollment information, and user flexible spending account (FSA) information.

Navia said the breach did not affect any insurance claims or financial information, although the stolen information is commonly used for social engineering and identity theft attacks.

What do you think at the moment?

What should you do if you have suffered a data breach in Navia Benefit Solutions’ security system?

Navia began notifying affected individuals on March 18, so stay tuned for an email from Navia Benefit Solutions. If your data was affected by the breach, you are eligible for a one-year subscription to Kroll’s personal data monitoring services. The email will contain information on how to register, including the registration deadline and your unique activation code. You must activate your account online at enroll.krollmonitoring.com/redeem.

As always, a major data breach is a good reminder to protect your identity . Freeze your credit (this should be your primary method unless you’re applying for a new line of credit) and set up a fraud alert for a year, which will create additional obstacles if someone tries to apply for credit in your name. Regularly check your credit report and financial accounts for suspicious activity and immediately report fraud to your financial institution. You can also file an identity theft report with the Federal Trade Commission and your local police department.

More…

Privacy

Leave a Reply