Navia Data Breach Impacts 2.7 Million
Navia Benefit Solutions disclosed a data breach affecting 2.7 million individuals, with attackers accessing their systems between December 22, 2025, and January 15, 2026. The stolen data included names, dates of birth, Social Security numbers, phone numbers, email addresses, and health plan information. The company is offering 12 months of free identity theft and credit monitoring services to affected individuals.
Summary
Navia Benefit Solutions disclosed a data breach affecting 2.7 million individuals, with attackers accessing their systems between December 22, 2025, and January 15, 2026. The stolen data included names, dates of birth, Social Security numbers, phone numbers, email addresses, and health plan information. The company is offering 12 months of free identity theft and credit monitoring services to affected individuals.
Full text
Third-party benefits administrator Navia Benefit Solutions is notifying nearly 2.7 million people that their personal information was stolen in a data breach. The incident, the company says, was discovered on January 23, but the investigation into the matter determined that hackers had access to its systems between December 22, 2025, and January 15, 2026. During that window, the attackers accessed and likely exfiltrated personal information such as names, dates of birth, Social Security numbers, phone numbers, and email addresses, as well as health plan information. “This investigation and response included confirming the security of our systems, reviewing the contents of relevant data for sensitive information, and notifying potentially impacted individuals via a letter to their home address, where address information was available,” Navia notes in an incident notification. This week, the company told the Maine Attorney General’s Office that 2,697,540 individuals were likely impacted by the data breach. The company is providing the affected people with 12 months of free identity theft and credit monitoring services.Advertisement. Scroll to continue reading. “We encourage you to remain vigilant against incidents of identity theft and fraud and to review your account statements and credit reports for suspicious activity and to detect errors,” the company told the impacted customers. Based in Renton, Washington, Navia Benefit Solutions provides benefits administration, CDH, spending accounts, retirement and wealth solutions, and compliance solutions nationwide. Related: Marquis Data Breach Affects 672,000 Individuals Related: Security Firm Aura Discloses Data Breach Impacting 900,000 Records Related: 238,000 Impacted by Bell Ambulance Data Breach Related: Michelin Confirms Data Breach Linked to Oracle EBS Attack Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire Critical ScreenConnect Vulnerability Exposes Machine KeysSecurity Firm Aura Discloses Data Breach Impacting 900,000 RecordsRussian APT Exploits Zimbra Vulnerability Against UkraineRaven Emerges From Stealth With $20 Million in Funding‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware VendorsEU Sanctions Chinese, Iranian Firms Supporting Hacking OperationsManifold Raises $8 Million for AI Detection and ResponseApple Debuts Background Security Improvements With Fresh WebKit Patches Latest News US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ SitesCape Raises $100 Million for Protection Against Cellular Security ThreatsThousands of Magento Sites Hit in Ongoing Defacement CampaignAllure Security Raises $17 Million for Online Brand ProtectionCritical Langflow Vulnerability Exploited Hours After Public DisclosureAisuru and Kimwolf DDoS Botnets Disrupted in International OperationOasis Security Raises $120 Million for Agentic Access Management1stProtect Emerges From Stealth With $20 Million in Funding Trending Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Securing Fragile OT in an Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Webinar: Why Automated Pentesting Alone Is Not Enough April 7, 2026 Join our live diagnostic session to expose hidden coverage gaps and shift from flawed tool-level evaluations to a comprehensive, program-level validation discipline. Register People on the MoveKai has named Alfredo Hickman as Chief Information Security Officer.Gleb Reznik is replacing Fred Gibbins as the CISO at American Express.HITRUST has appointed Sean Foster as CRO and Marc Solomon as CMO.More People On The MoveExpert Insights The Human IOC: Why Security Professionals Struggle with Social Vetting Applying SOC-level rigor to the rumors, politics, and 'human intel' can make or break a security team. (Joshua Goldfarb) How to 10x Your Vulnerability Management Program in the Agentic Era The evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation. (Nadir Izrael) SIM Swaps Expose a Critical Flaw in Identity Security SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. (Torsten George) Four Risks Boards Cannot Treat as Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. (Matias Madou) Flipboard Reddit Whatsapp Whatsapp Email