Skip to content
Note: New information about the SFTP MOVEit vulnerability was added on June 16 at 3:45 p.m. CT.
I can share new information on this event. As of today, HealthEquity was removed from the impacted list related to the SFTP MOVEit vulnerability. We continue to be vigilant in our efforts to protect the confidentiality, integrity, and security of our customer data, systems, and applications and those of our partners.
Update from June 15, 2:00 p.m. CT
To our HealthEquity customers, in our ongoing commitment to transparency, I want to inform you that HealthEquity recently became aware of a vulnerability related to our third-party software provider, MOVEit. We took immediate action to patch the vulnerability within 24 hours of its discovery and will continue to take necessary steps as needed. As a result, there has been minimal disruption to our members, clients, and other partners.
While HealthEquity is named as an impacted entity, we have performed a thorough investigation resulting in no evidence of exposure regarding any personally identifiable data or client information at this time. We take our responsibility to protect our systems and the data entrusted to us very seriously and are committed to providing the secure experience our clients and members expect.
We will continue to monitor and deploy increased security measures and capabilities across our platforms to help detect and prevent further threat activity, while working with our partners to do the same.
Subscribe to Remark
Get new posts delivered to your inbox.
Thank you for subscribing!
How did you like this article?
