Navia Breach Exposes 2.7 Million Americans’ Social Security Numbers

A major benefits administrator used by over 10,000 employers across the United States has just admitted that hackers stole the personal data of nearly 2.7 million people, including Social Security numbers, dates of birth, and health plan details in a breach that went undetected for almost a month.

Navia Benefit Solutions, a company millions of workers rely on for FSAs, HSAs, HRAs, and COBRA coverage, confirmed the attack Thursday, revealing that intruders were inside its systems from December 22, 2025, to January 15, 2026. The breach was only discovered eight days after the hackers left.

This is one of the largest health-benefits data breaches ever reported in the U.S.

How the Attack Unfolded

Navia says it first spotted suspicious activity on January 23, 2026, and immediately hired outside cybersecurity experts to investigate. Those experts confirmed that an unauthorized actor had full access to sensitive files for 25 straight days over the holiday season, a time when many companies run with reduced IT staff.

The attackers were able to view and download records containing:

• Full names
• Dates of birth
• Social Security numbers
• Phone numbers
• Email addresses
• Health plan enrollment details (FSA, HRA, COBRA)

Navia stressed that medical claims and banking details were not taken, but experts say the stolen combination is pure gold for identity thieves and scammers.

Why This Breach Hits So Hard

Social Security numbers plus dates of birth is the master key to someone’s financial life. With that data, criminals can open credit cards, take out loans, file fake tax returns, or even sell the information on the dark web for $20 to $50 per record.

“People affected by this breach now face years of elevated risk,” said James Lee, chief operating officer of the Identity Theft Resource Center. “This is exactly the type of information used in account takeovers and synthetic identity fraud.”

The breach hits working families especially hard because Navia processes benefits for everyday employees at schools, hospitals, small businesses, and city governments nationwide.

What Navia Is Doing (And Not Saying)

The company says it has “strengthened security controls” and is offering victims 12 months of free credit monitoring through Kroll. Letters started going out this week.

Affected individuals are being told to:

• Place a fraud alert on their credit files
• Consider a credit freeze
• Watch for phishing emails pretending to be from Navia or their employer

As of now, no ransomware gang has claimed responsibility on the dark web, which is unusual for a breach this large. Some security researchers believe this could be the work of an access broker who will quietly sell the data rather than extort the company.

Bigger Picture: Benefits Administrators Are Prime Targets

Navia is far from alone. In the past 18 months, hackers have hit several major benefits platforms:

These companies sit on treasure troves of exactly what criminals want: SSNs, birth dates, and employer information, all in one place.

This breach will almost certainly trigger investigations by state attorneys general and the U.S. Department of Health and Human Services, which could lead to heavy fines if Navia is found to have had weak security.

For millions of Americans, the damage is already done. Many won’t know their data was stolen until they get denied for a mortgage, hit with surprise tax bills, or see strange accounts opened in their name months or years from now.

This breach is a brutal reminder that every time you sign up for an FSA or HSA at work, you’re trusting a third-party company with the keys to your identity. And right now, too many of those companies are failing that trust.

What do you think: should companies face much bigger fines when they lose our Social Security numbers? Drop your thoughts below and share this story with #NaviaBreach so others know to check their mail and protect themselves.