Navia Data Breach Impacts 2.7 Million Individuals

Navia experienced a data breach between late December 2025 and mid-January 2026, during which hackers exfiltrated personal and health plan information from its systems. The incident impacted approximately 2.7 million individuals, though no specific technical details about the attack vector or compromised systems were disclosed. The breach involved sensitive data, including personally identifiable and health-related records, but no CVE IDs or additional forensic findings were mentioned. The timeline of the intrusion spans a period of roughly three weeks, with no indication of the geographic scope or affected subsidiaries. The full extent of the exposed data remains unclear beyond the broad categories of personal and health plan information.