Zizzl Data Breach Exposes Social Security Numbers: 2,416 Affected

On May 30, 2025, Zizzl LLC, a Milwaukee-based benefits consulting firm specializing in Individual Coverage Health Reimbursement Arrangements (ICHRAs), discovered suspicious activity involving a single employee’s email account. The breach occurred after an employee received a phishing email.

An investigation took place and it was determined that an unauthorized actor gained access to the employee’s email account between May 29 and May 30, 2025. The data breach compromised personally identifiable information of an 2,416 number of individuals.

Exposed information may include names, addresses, dates of birth, Social Security numbers, driver's license or state ID numbers, health insurance information, medical records and financial information. A review was completed on July 22, 2025 and Zizzl health began notifying impacted individuals by mail.

The data breach was disclosed to the Massachusetts Attorney General's office and the New Hampshire Attorney General's office on Aug. 14, 2025. The company also reported the cybersecurity incident to the U.S. Department of Health and Human Services on the same day.

Zizzlhealth's response

In addition to required state and federal disclosures, Zizzl health is offering impacted individuals 24 months of free Experian credit monitoring services.

If you receive notification from Zizzl health about this breach, you may want to:

• Sign up for the free Experian credit monitoring services.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

For more information about the organization, visit the Zizzlhealth website.