Telehealth company Hims & Hers suffered a data breach in February 2026 after the ShinyHunters extortion gang compromised their Zendesk customer service platform. The attackers used stolen Okta SSO accounts to gain unauthorized access and exfiltrate millions of support tickets containing names, contact information, and other personal data.
Initial Access
SSO Account Compromise
confirmed
The ShinyHunters extortion gang compromised Okta SSO accounts as part of a widespread campaign targeting third-party cloud services.
Defender cut points
Enforce phishing-resistant FIDO2 MFA on all Okta SSO accounts.Implement continuous monitoring for anomalous login attempts and access patterns to SSO.
