Telehealth giant Hims & Hers says its customer support system was hacked

Hims & Hers confirmed a data breach in its third-party customer support platform, where hackers accessed user requests and stole personal information, including names and contacts, though medical records were not affected. The attack was a result of social engineering, and while the extent of the breach is unclear, it highlights the growing trend of targeting customer support systems in cyberattacks.

Key Points

• Hims & Hers, a telehealth company, experienced a data breach from February 4 to 7, affecting its third-party customer support system.
• Hackers accessed and stole support tickets containing customer names, email addresses, and other personal data.
• Medical records were reportedly not compromised during the breach.
• The attack was classified as a social engineering incident where employees were tricked into providing system access.
• The company has not disclosed the number of individuals affected or responded to any communication from the hackers.
• Recent trends show customer support systems are becoming prime targets for financially motivated cybercriminals.

Relevance

• The incident reflects a broader trend in 2025 where customer support systems are increasingly targeted for financial hacking.
• Previous breaches, like Discord's, have similarly impacted customer support systems, leading to data exposure.
• As telehealth services grow, protecting sensitive customer information is critical against evolving cyber threats.

The Hims & Hers data breach underscores the vulnerabilities of customer support systems in the telehealth industry, signaling the need for enhanced security measures in an era of increasing cyber threats.