WebTPA, a third-party administrator providing healthcare management and administrative services, disclosed a data breach affecting nearly 2.5 million individuals. The breach was reported to the U.S. Department of Health and Human Services on May 8, 2024. WebTPA detected suspicious activity on its network on December 28, 2023, and an investigation revealed that personal information may have been accessed between April 18 and April 23, 2023. The breach potentially exposed names, contact information, dates of birth, Social Security numbers, and insurance details, though financial and treatment data were not affected. WebTPA has notified affected benefit plans and insurance companies, offered two years of complimentary identity monitoring services, and implemented additional security measures. The company recommends individuals remain vigilant against identity theft and monitor their credit reports and benefit statements for suspicious activity.