On July 2, 2024, Health tech provider HealthEquity disclosed a data breach involving unauthorized access to customers’ protected health information via a compromised third-party vendor account. The breach was detected on March 25 and involved HealthEquity’s SharePoint data.

The incident, affecting 23,000 subscribers, has not been linked to any other recent cyberattacks in the healthcare sector.

HealthEquity disclosed the breach in an 8-K filing with the SEC. Its statement says that the breach was discovered through routine monitoring when it encountered “anomalous behavior by a personal use device belonging to a business partner.” The company claims that it immediately took steps to “isolate and triage” the issue while launching an investigation into its nature and scope.

According to HealthEquity, the investigation concluded that an unauthorized third party had compromised a partner account, which allowed it to access the data. This involves some personally identifiable information, including protected health information. The malicious actor then transferred this data off the partner’s systems.

However, the investigation did not find any malicious code on any of HealthEquity’s systems, and the company has assured customers that the incident has not affected its business operations in any way.

In response to TechCrunch, HealthEquity spokesperson Amy Cerny clarified that it was an isolated incident and that “transactional systems, where integrations occur, were not impacted.” That said, Cerny declined to comment on the exact nature of the stolen personally identifiable and protected health information, the number of people affected, and which partner was responsible for the initial compromise.

This is only the latest instance of a long line of cyber-attacks plaguing the healthcare industry. Russian gang Qilin recently targeted London hospitals, causing 800 operations to be canceled. Earlier this year, Kaiser Permanente disclosed a breach affecting 13.4 million individuals.