Navia Benefit Solutions has confirmed a data breach exposing personally identifiable information of nearly 2.7 million individuals.
The company, which administers Flexible Spending Accounts, Health Savings Accounts, and other employer-based benefits for over 10,000 U.S. organizations, detected suspicious activity on January 23, 2026. Hackers accessed systems between December 22, 2025, and January 15, 2026.
Compromised data includes full names, dates of birth, Social Security numbers, phone numbers, email addresses, and health plan information such as HRA participation and COBRA enrollment details. Navia stated no financial claims data was stolen.
Affected individuals began receiving notification letters on March 18 and are eligible for one year of free identity monitoring through Kroll.