3.6 Million People Just Had Their Data Stolen
Aura, Navia, and Stryker breaches expose Social Security numbers and health records
Three companies breached between March 13-19. Aura data breach: 900,000 customer records. Navia data breach: 2.7 million health benefit records. Stryker: tens of thousands of employee devices wiped by Iranian hackers. Here's the kicker—Aura sells identity theft protection. That's their business. And they still got breached.
What you'll learn
- Details of Aura, Navia, and Stryker breaches
- What data was stolen and how it's being used
- Why retirees get targeted after breaches
- Privacy Guides report information
- Three immediate protection steps
The three breaches
From Privacy Guides' March 20 report:
Aura (900,000 customers)
Aura sells identity theft protection services. The Aura data breach exposed customer names, addresses, Social Security numbers, account details. The irony: people who paid for identity theft protection now need it.
Navia (2.7 million people)
Navia Benefit Solutions handles health savings and flexible spending accounts. The Navia data breach leaked names, Social Security numbers, health benefit information, medical claims data. HIPAA-protected information now on the dark web.
Stryker (tens of thousands)
Stryker (medical device manufacturer) had employee devices wiped by Iranian hackers. Smaller numbers, but demonstrates state-sponsored hackers targeting American healthcare infrastructure. Employee personal information likely compromised.
Once data from these breaches hits the dark web, it's permanent. Scammers buy lists. The Aura data breach and Navia data breach victims will be targeted for years.
From Privacy Guides' March 20 report:
Aura (900,000 customers)
Aura sells identity theft protection services. The Aura data breach exposed customer names, addresses, Social Security numbers, account details. The irony: people who paid for identity theft protection now need it.
Navia (2.7 million people)
Navia Benefit Solutions handles health savings and flexible spending accounts. The Navia data breach leaked names, Social Security numbers, health benefit information, medical claims data. HIPAA-protected information now on the dark web.
Stryker (tens of thousands)
Stryker (medical device manufacturer) had employee devices wiped by Iranian hackers. Smaller numbers, but demonstrates state-sponsored hackers targeting American healthcare infrastructure. Employee personal information likely compromised.
Once data from these breaches hits the dark web, it's permanent. Scammers buy lists. The Aura data breach and Navia data breach victims will be targeted for years.
What happens next
If you're connected to Aura, Navia, or Stryker, scammers have everything they need to impersonate you:
- Fake tax returns using stolen Social Security numbers
- New credit cards opened using information from the Aura data breach
- Medical identity theft using health information to get prescriptions, medical care, surgery
- Phishing emails to contacts pretending to be you
- Account takeovers using stolen info to reset passwords
Fixing identity theft: 6 months average, 200 hours of work. For retirees on fixed incomes, this is devastating. Can't earn stolen money back. Can't afford lawyers. Just endless phone calls trying to prove innocence.
What companies won't say
The "credit monitoring" they offer as compensation is nearly useless. Tells you after fraud happens, not before. Doesn't protect against medical identity theft or Social Security fraud. The Aura data breach victims got offered the exact service that failed to protect Aura itself.
Protect your inbox from follow-up scams
After the Aura data breach and Navia data breach, victims will get floods of targeted phishing emails. Scammers have names, addresses, enough personal details to make emails look legitimate.
Forward suspicious emails to [email protected]. Get instant analysis. Catch the follow-up scams before clicking.
Can't undo breaches. Can protect against what comes next.
If you're connected to Aura, Navia, or Stryker, scammers have everything they need to impersonate you:
- Fake tax returns using stolen Social Security numbers
- New credit cards opened using information from the Aura data breach
- Medical identity theft using health information to get prescriptions, medical care, surgery
- Phishing emails to contacts pretending to be you
- Account takeovers using stolen info to reset passwords
Fixing identity theft: 6 months average, 200 hours of work. For retirees on fixed incomes, this is devastating. Can't earn stolen money back. Can't afford lawyers. Just endless phone calls trying to prove innocence.
What companies won't say
The "credit monitoring" they offer as compensation is nearly useless. Tells you after fraud happens, not before. Doesn't protect against medical identity theft or Social Security fraud. The Aura data breach victims got offered the exact service that failed to protect Aura itself.
The "credit monitoring" they offer as compensation is nearly useless. Tells you after fraud happens, not before. Doesn't protect against medical identity theft or Social Security fraud. The Aura data breach victims got offered the exact service that failed to protect Aura itself.
Protect your inbox from follow-up scams
After the Aura data breach and Navia data breach, victims will get floods of targeted phishing emails. Scammers have names, addresses, enough personal details to make emails look legitimate.
Forward suspicious emails to [email protected]. Get instant analysis. Catch the follow-up scams before clicking.
Can't undo breaches. Can protect against what comes next.
After the Aura data breach and Navia data breach, victims will get floods of targeted phishing emails. Scammers have names, addresses, enough personal details to make emails look legitimate.
Forward suspicious emails to [email protected]. Get instant analysis. Catch the follow-up scams before clicking.
Can't undo breaches. Can protect against what comes next.
Three immediate actions
1
Freeze credit now
If you're connected to Aura, Navia, or Stryker, freeze your credit. All three bureaus: Equifax, Experian, TransUnion. Free. Do it today. Stops scammers from opening new accounts.
How it works: Free, takes 10 minutes online. Prevents new accounts. Temporarily unfreeze when needed for legitimate applications.
2
Monitor accounts daily
Watch bank statements. Navia data breach victims need to watch for medical billing fraud too. Check credit reports monthly (free at AnnualCreditReport.com). Report unauthorized activity immediately.
Set alerts: Most banks offer free fraud alerts via text or email. Turn them on for any transaction over $50.
3
Screen all emails carefully
Scammers buy stolen data and craft personalized phishing emails. After the Aura data breach, expect emails that know personal details. Forward suspicious emails to [email protected] before clicking. Phishing emails will come.
Warning sign: Emails that reference personal details (address, SSN last 4, health provider) but ask for verification "due to security concerns." That's scammers using stolen data to gain trust.
Bottom line
The Aura data breach (900K), Navia data breach (2.7M), and Stryker attack (tens of thousands) between March 13-19 exposed Social Security numbers, health records, personal information. This data is now on dark web marketplaces. Freeze credit. Monitor accounts daily. Screen emails carefully. Once data is stolen, it's gone forever.
#AuraDataBreach
#NaviaDataBreach
#DataBreach2026
#IdentityTheftProtection
#RetireePrivacy
#CyberSecurity
Get weekly breach alerts
Don't wait to discover your data was breached. Join thousands who get the free weekly Insider Notes Newsletter.
Sign up free at CraigPeterson.com
No spam. No jargon. Real protection.
Freeze credit now
If you're connected to Aura, Navia, or Stryker, freeze your credit. All three bureaus: Equifax, Experian, TransUnion. Free. Do it today. Stops scammers from opening new accounts.
How it works: Free, takes 10 minutes online. Prevents new accounts. Temporarily unfreeze when needed for legitimate applications.
Monitor accounts daily
Watch bank statements. Navia data breach victims need to watch for medical billing fraud too. Check credit reports monthly (free at AnnualCreditReport.com). Report unauthorized activity immediately.
Set alerts: Most banks offer free fraud alerts via text or email. Turn them on for any transaction over $50.
Screen all emails carefully
Scammers buy stolen data and craft personalized phishing emails. After the Aura data breach, expect emails that know personal details. Forward suspicious emails to [email protected] before clicking. Phishing emails will come.
Warning sign: Emails that reference personal details (address, SSN last 4, health provider) but ask for verification "due to security concerns." That's scammers using stolen data to gain trust.
Bottom line
The Aura data breach (900K), Navia data breach (2.7M), and Stryker attack (tens of thousands) between March 13-19 exposed Social Security numbers, health records, personal information. This data is now on dark web marketplaces. Freeze credit. Monitor accounts daily. Screen emails carefully. Once data is stolen, it's gone forever.
#AuraDataBreach #NaviaDataBreach #DataBreach2026 #IdentityTheftProtection #RetireePrivacy #CyberSecurity
Get weekly breach alerts
Don't wait to discover your data was breached. Join thousands who get the free weekly Insider Notes Newsletter.
Sign up free at CraigPeterson.com
No spam. No jargon. Real protection.
Watch your accounts. Freeze your credit. Question every email.