2.7m impacted in US benefits provider Navia cyber attack

“Navia conducted a thorough review of the activity to determine which individuals may have been impacted by this event,” the notice said.

“The information that could have been impacted includes name, date of birth, Social Security number, phone number, email address.”

According to reports, other data includes participation status in Health Reimbursement Arrangements (HRA), Flexible Spending Account (FSA) information, and enrollment data relating to Consolidated Omnibus Budget Reconciliation Act (COBRA).

Navia said that data relating to claims and financial information was not exposed.

While Navia said it has notified federal law enforcement regarding the breach and has reviewed its cyber security protections and standards, it did not disclose the nature of the incident, nor has a threat actor claimed responsibility for it.

The news of the Navia breach comes just days after it was revealed that US medical device manufacturer Stryker suffered a cyber incident.

VIEW ALL

Last week, staff at the Michigan-based firm claimed that the logo of an Iran-linked threat actor began popping up on login pages, while Stryker has said it is experiencing outages.

“Stryker is experiencing a global network disruption to our Microsoft environment as a result of a cyber attack. We have no indication of ransomware or malware and believe the incident is contained,” the company said on LinkedIn.

“Our teams are working rapidly to understand the impact of the attack on our systems.

“Stryker has business continuity measures in place to continue to support our customers and partners. We are committed to transparency and will keep stakeholders informed as we know more.”

While the company has said it believes the incident has been contained, Bloomberg has reported that the system disruption it suffered as a result of the cyber attack impacted its ability to deliver some of its personalised inventory, leading to delays.