Navia Benefits Administration Breach — March 2026
2.7 million individuals had names, SSNs, DOBs, contact information, and benefits administration data (HRA/FSA/COBRA) exposed after unauthorized access from December 2025 through January 2026.
- Names
- Social Security Numbers
- Dates of birth
- Phone numbers
- Email addresses
- HRA/FSA/COBRA benefits data
Benefits administration provider Navia disclosed a breach affecting 2.7 million individuals. The compromise occurred between December 2025 and January 2026, with unauthorized access to systems holding names, Social Security Numbers, dates of birth, phone numbers, email addresses, and benefits-account data including Health Reimbursement Arrangement (HRA), Flexible Spending Account (FSA), and COBRA records.
The healthcare-and-financial overlap makes this dataset a goldmine for identity-theft operations that can lead to doxxing. SSN + DOB + employer is enough to open new credit lines, file fraudulent tax returns, or seed targeted phishing campaigns. For creators and streamers using employer benefits portals, the risk extends to having those programs hijacked or queried by harassment campaigns.
Want the rest of this breakdown?
Sign up free to keep reading. Members get extended access, the weekly breach digest, and a complimentary Warden™ to see if their identity is exposed in the breaches we cover.
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →