Telehealth provider Hims & Hers has disclosed a cybersecurity breach involving its third-party customer support platform, raising concerns about the safety of user information.

The incident, which occurred over a short period in early February, involved unauthorized access to customer support tickets containing personal data submitted by users.

According to the company, the compromised data includes customer names and contact details, along with other unspecified personal information.
While Hims & Hers emphasized that medical records were not affected, experts warn that support communications can still contain sensitive personal and account-related details.

The breach has been attributed to a social engineering attack, in which hackers manipulated employees into granting system access. This method has become increasingly common, targeting human vulnerabilities rather than technical weaknesses in cybersecurity systems.

The company has not disclosed the total number of affected users or whether the attackers have made any demands.

As cyber threats continue to evolve, the incident highlights the growing risks faced by digital health platforms and the importance of strengthening both technological and human defenses.

Source:Techcrunch