HIMS & Hers Health, operating as Hims, suffered a data breach through its third‑party customer support platform, exposing potentially highly sensitive information. Cybercriminals gained access to customer support tickets that could contain names and unspecified medical information for a limited set of affected customers. The breach claims regarding the attackers’ identity were reported as belonging to the ShinyHunters group, according to BleepingComputer, but those claims could not be verified.
Dark Reading notes that there is no evidence yet that ShinyHunters or any other cybercriminal group has leaked the Hims data. The company first became aware of suspicious activity on 5 February, with access spanning from 4 to 7 February, and has since informed affected customers and offered a year of free credit monitoring. As the discussion around third‑party platforms grows, some industry voices emphasise that customer service data often sits across multiple systems, creating risk when breached.