{"id":202642,"date":"2026-04-06T11:21:00","date_gmt":"2026-04-06T15:21:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/06\/hims-hers-says-limited-data-stolen-in-social-engineering-attack\/"},"modified":"2026-04-06T11:25:22","modified_gmt":"2026-04-06T15:25:22","slug":"hims-hers-says-limited-data-stolen-in-social-engineering-attack","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/06\/hims-hers-says-limited-data-stolen-in-social-engineering-attack\/","title":{"rendered":"Hims &#038; Hers says limited data stolen in social engineering attack"},"content":{"rendered":"<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/hims-hers-data-stolen-social-engineering\/816707\/\">Hims &#038; Hers says limited data stolen in social engineering attack<\/a><\/p>\n<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/hims-hers-data-stolen-social-engineering\/816707\/\">https:\/\/www.cybersecuritydive.com\/news\/hims-hers-data-stolen-social-engineering\/816707\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-06 11:21:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.cybersecuritydive.com\">www.cybersecuritydive.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>Hims &#038; Hers, a San Francisco-based telehealth company, was impacted by a \u201csophisticated social engineering attack\u201d in February in which a hacker gained access to its third-party customer service platform, according to regulatory filings.<br \/>\nThe firm said an unknown party gained unauthorized access to service tickets between Feb. 4 and Feb. 7, according to a filing Thursday with the California Attorney General\u2019s office.\u00a0<br \/>\nThe company discovered the suspicious activity on Feb. 5, took steps to secure its customer service environment and launched an investigation.\u00a0<\/p>\n<p>\u201cWe have confirmed that our electronic medical record and communications with healthcare providers on our platform were not accessed,\u201d a spokesperson for Hims &#038; Hers told Cybersecurity Dive. \u201cThird-party access was limited to our customer service software platform, and data accessed primarily included customer names and email addresses.\u201d<br \/>\nThe firm, which has about 2.5 million subscribers, is a major provider of health treatments and wellness products. Just last month, the company announced an agreement with Novo Nordisk to offer FDA-approved weight-loss medications with medical support.\u00a0<br \/>\nCustomer medical records were not accessed during the attack, nor were any communications with healthcare providers on the platform, according to the filing with the California AG.\u00a0<br \/>\nThe company has notified law enforcement and is reviewing its internal policies and procedures to reduce the likelihood of a similar incident happening in the future, according to the filing.\u00a0<br \/>\nThe company confirmed that the social engineering attack targeted two employees, according to information disclosed in the company\u2019s Feb. 22 10-K filing with the Securities and Exchange Commission.<br \/>\nAccording to the report, the hackers may have gained access to some treatment information for certain customers who contacted the company\u2019s customer service department through the online platform between February 2025 and February 2026.\u00a0<br \/>\nHims &#038; Hers officials said in the filing that they did not believe the incident would have a material impact on the company\u2019s financial performance.\u00a0<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hims &#038; Hers says limited data stolen in social engineering attack https:\/\/www.cybersecuritydive.com\/news\/hims-hers-data-stolen-social-engineering\/816707\/ Publish Date: 2026-04-06&#8230;<\/p>\n","protected":false},"author":1,"featured_media":202643,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/imgproxy.divecdn.com\/1O4QK4bTFuHLSFVpbXBt8wAZC_GUglFreo_oARR43Mk\/g:ce\/rs:fit:770:435\/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS9IaW1zSGVyc19BcG9sbG9fUFJfQl8xOTIweDEwODAuanBn.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,35],"class_list":["post-202642","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-hacker"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/202642"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=202642"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/202642\/revisions"}],"predecessor-version":[{"id":202644,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/202642\/revisions\/202644"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/202643"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=202642"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=202642"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=202642"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}