Strauss Borrelli PLLC, a leading data breach law firm, is investigating Further Operations, LLC (“Further”) and its parent company, HealthEquity, Inc. (“HealthEquity”) regarding its recent data breach. The Further data breach may have involved sensitive personal identifiable information and protected health information belonging to over 75,000 individuals.
ABOUT FURTHER OPERATIONS, LLC AND HEALTHEQUITY, INC.:
Further is a health spending solutions provider based in Utah. Founded 29 years ago, Further set its goal to seamlessly connect health and finance to help people live healthier lives.2 Today, Further serves both employers and individuals. Using its technology to bring components together, Further offers a variety of health spending products, including health savings accounts, flexible spending accounts, and health reimbursement arrangements.2 Business clients of Further can incorporate extended solutions into their benefits offerings for employees, such as dependent care or adoption assistance programs, transportation reimbursement accounts, premium only plans, and COBRA.2 Having been acquired by HealthEquity in November 2021, Further is headquartered in Draper, Utah.4
WHAT HAPPENED?
Recently, Further and its parent company, HealthEquity, Inc., reported to the South Carolina Department of Consumer Affairs that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in may have been accessed. According to the breach notice, on March 25, 2024, HealthEquity learned that an unauthorized third party had accessed a data repository outside its main systems. As a result, HealthEquity launched an investigation to determine the nature of the incident.
After learning that sensitive data was compromised. HealthEquity began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. On June 26, 2024, HealthEquity finalized this review. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name;
- Social Security number;
- Address; and
- Health insurance information, such as employee ID, employer, health plan member number, and dependent contact information.
On July 26, 2024, HealthEquity began mailing data breach notification letters to impacted individuals. Based on the breach notices sent to South Carolina residents, HealthEquity is providing affected individuals with a list of the specific type of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification letter that HealthEquity filed with the South Carolina Department of Consumer Affairs is below.
If you received a breach notification letter from Further Operations, LLC and HealthEquity, Inc.
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.