Hims & Hers Experiences Data Breach Affecting Customer Support Services
Hims & Hers, a telehealth company known for providing treatments related to sexual health and weight management, has announced a cybersecurity breach involving its outsourced customer support platform. this incident exposed sensitive details submitted by users through their help requests.
Overview of the Cybersecurity Breach
The intrusion occurred between February 4 and February 7 when unauthorized individuals gained access to the company’s third-party ticketing system. During this timeframe, attackers extracted numerous customer service records containing personal details shared by clients seeking assistance.
Although Hims & Hers confirmed that no direct medical records were compromised, some confidential account information and healthcare-related data may have been included within the stolen support communications. The total number of affected customers remains uncertain; however, California regulations require notification if over 500 residents are impacted.
Compromised data Categories
The breach notification revealed that hackers accessed customers’ names, contact information, and other personal details withheld from public disclosure. Company representatives explained that the attack stemmed from a social engineering scheme where employees were manipulated into granting system entry.
This method reflects an increasing trend among cybercriminals who exploit customer service platforms to collect valuable user data for financial exploitation or blackmail attempts.
The Rising Risk Targeting Customer Support Platforms
Customer support ticketing systems have become prime targets for cyberattacks due to their rich stores of personally identifiable information (PII). As a notable example, in late 2025, Discord suffered a similar security incident affecting more than 70,000 users after hackers breached its support infrastructure. That event led to exposure of government-issued IDs submitted during age verification processes.
This pattern underscores the urgent need for organizations relying on external platforms to strengthen security measures around thes often-neglected points of vulnerability in order to safeguard consumer privacy effectively.
no Ransom Requests Have Emerged So Far
Currently, Hims & Hers has not reported any ransom demands or communication from threat actors following the breach. Investigations continue as the company implements strategies aimed at minimizing harm and protecting impacted customers moving forward.
