Strauss Borrelli PLLC, a leading data breach law firm, is investigating WageWorks, Inc. and its parent company, HealthEquity, Inc. (“HealthEquity”) regarding its recent data breach. The WageWorks data breach may have involved sensitive personal identifiable information and protected health information belonging to over 75,000 individuals.
ABOUT WAGEWORKS, INC AND HEALTHEQUITY, INC.:
WageWorks is a financial service provider based in California. Founded in 2000, WageWorks is a leader in administering Consumer-Directed Benefits (CDBs).2 Today, WageWorks is solely dedicated to administering CDBs, including pre-tax spending accounts, such as Health Savings Accounts (HSAs), health and dependent care Flexible Spending Accounts (FSAs), Health Reimbursement Arrangements (HRAs), as well as Commuter Benefit Services, including transit and parking programs, wellness programs, COBRA, and other employee benefits.2 HealthEquity and WageWorks joined in 2019 to create a new health savings and consumer-directed benefits partner for employers, benefits consultants, and health and retirement plan providers seeking to help working families connect health and wealth.3,5 Headquartered in San Mateo, California, WageWorks has multiple locations across the United States and employs over 1,000 individuals.
WHAT HAPPENED?
Recently, WageWorks and its parent company, HealthEquity, Inc., reported to the South Carolina Department of Consumer Affairs that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in may have been accessed. According to the breach notice, on March 25, 2024, HealthEquity learned that an unauthorized third party had accessed a data repository outside its main systems. As a result, HealthEquity launched an investigation to determine the nature of the incident.
After learning that sensitive data was compromised. HealthEquity began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. On June 26, 2024, HealthEquity finalized this review. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name;
- Social Security number;
- Address; and
- Health insurance information, such as employee ID, employer, health plan member number, and dependent contact information.
On July 26, 2024, HealthEquity began mailing data breach notification letters to impacted individuals. Based on the breach notices sent to South Carolina residents, HealthEquity is providing affected individuals with a list of the specific type of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification letter that HealthEquity filed with the South Carolina Department of Consumer Affairs is below
If you received a breach notification letter from WageWorks, Inc. and HealthEquity:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
