**Hims & Hers** is an American telehealth company specializing in direct-to-consumer healthcare, offering subscription-based treatments for various conditions. With a significant market presence and substantial annual revenues, the company is a major player in the online pharmacy and telehealth sector. ### Breach Details According to the notification filed with California authorities, the breach took place between February 4 and February 7, 2026. The company detected suspicious activity affecting its third-party customer service platform on February 5, 2026. "On February 5, 2026, **Hims & Hers, Inc.** became aware of suspicious activity affecting our third-party customer service platform," the company stated in its notification. "We promptly took steps to secure our customer service platform and initiated an investigation into the nature and scope of the potential security incident." The investigation revealed that unauthorized access to certain customer service tickets had occurred during the specified period. The exposed information may include names, contact details, and other data related to customer support requests. **Hims & Hers** clarified that no medical records or doctor communications were compromised. ### ShinyHunters Connection While **Hims & Hers** has not disclosed specific details, *BleepingComputer* reported that the **ShinyHunters** extortion group was behind the breach. This aligns with a broader campaign involving compromised **Okta** SSO accounts, enabling access to third-party cloud storage and SaaS platforms for data theft. Reportedly, the attackers leveraged a compromised **Okta** SSO account to access the **Hims & Hers Zendesk** instance, resulting in the exfiltration of millions of support tickets. ### Remediation and Recommendations **Hims & Hers** is offering 12 months of free credit monitoring services to affected customers. The company also advises users to be vigilant against phishing attempts and social engineering tactics. Customers are encouraged to review account statements and credit reports for any suspicious activity. *BleepingComputer* has reached out to **Hims & Hers** for further information regarding the incident and the number of impacted customers but has not received a response as of publication. ### Parallels to Recent Incidents This incident echoes recent customer support security breaches affecting **ManoMano** and **Crunchyroll**, both of which involved compromises of the **Zendesk** platform. <div> <h2><a rel="noopener sponsored" href="https://hubs.li/Q048zztN0">Automated Pentesting Covers Only 1 of 6 Surfaces.</a></h2> <p>Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the other.</p> <p>This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic questions for any tool evaluation.</p> </div>