MALWAREBYTES reports that Hims & Hers says hackers breached its third‑party customer service platform, with suspicious activity detected on 5 February and investigators finding that between 4 and 7 February attackers accessed or stole support tickets.
The firm did not confirm until 3 March that personal information was inside those tickets, and the exposed data may include names, contact information, and other details related to the support requests, though medical records and doctor communications were not compromised.
Although Hims & Hers has not named the attackers, according to BleepingComputer the ShinyHunters extortion gang was behind the breach, which involved compromising single sign‑on accounts used to access cloud services and SaaS platforms, including the Zendesk instance containing millions of tickets. The article notes that other firms have faced similar Zendesk‑based breaches, and emphasises that customer support platforms are increasingly doorways for attackers.
In response, Hims & Hers is offering 12 months of free credit monitoring, and Malwarebytes advises vigilance against scams that leverage stolen ticket data.