Navia Benefit Solutions suffered a data breach where unauthorized actors accessed its systems between December 22, 2025, and January 15, 2026, exfiltrating highly sensitive personal information including names, dates of birth, Social Security Numbers, and benefit plan details for approximately 2.7 million individuals. The company discovered the suspicious activity on January 23, 2026, and has since reviewed its security posture and data retention policies. While no specific attack vector or vulnerability details were disclosed, the exposed data poses a significant risk for phishing and social engineering attacks against the affected individuals.
Navia discloses data breach impacting 2.7 million people By Bill Toulas March 19, 2026 04:43 PM 0 Navia Benefit Solutions, Inc. (Navia) is informing nearly 2.7 million individuals of a data breach that exposed their sensitive information to attackers. An investigation into the incident revealed that the hackers had access to the organization's systems between December 22, 2025, and January 15, 2026. However, the company discovered the suspicious activity on January 23. Navia says that it responded immediately and launched an inquiry to determine the potential impact of the incident. “The investigation determined that an unauthorized actor accessed and acquired certain information between December 22, 2025, and January 15, 2026,” the company says in the notification to impacted individuals. Navia is a consumer-focused administrator of benefits that provides services to more than 10,000 employers across the U.S. The company provides software and customer services for the administration of Flexible Spending Accounts (FSA), Health Savings Accounts (HSA), Health Reimbursement Arrangements (HRA), Commuter Benefits and COBRA Services. It also helps handle commuter benefits, lifestyle accounts, education benefits, compliance/risk services, and retirement-related offerings. According to the company, the investigation into the breach revealed that the hacker accessed and may have exfiltrated the following types of data: Full name Date of birth Social Security Number (SSN) Phone number Email address Participation in HRA (Health Reimbursement Arrangements) FSA (Flexible Spending Accounts) information Consolidated Omnibus Budget Reconciliation Act (COBRA) enrollment information Navia underlines that the data breach did not expose details about claims or financial information. Nevertheless, the exposed data is enough for threat actors to deploy phishing and social engineering attacks aimed at affected individuals. The company states that it has reviewed its security posture and data retention policies to identify potential weaknesses that can be improved, and has notified federal law enforcement about the incident. Customers whose information was exposed will be covered by a free 12-month identity protection and credit monitoring service from Kroll. Letter recipients are also encouraged to consider placing a fraud alert and security freeze on their credit files. At the time of writing, no ransomware group has claimed the Navia data breach. Red Report 2026: Why Ransomware Encryption Dropped 38% Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight. Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded. Download The Report Related Articles: Canadian retail giant Loblaw notifies customers of data breach European DYI chain ManoMano data breach impacts 38 million customers Volvo Group North America customer data exposed in Conduent hack Aura confirms data breach exposing 900,000 marketing contacts Medical device maker UFP Technologies warns of data stolen in cyberattack